Your browser could be infected, and you’d never know. 🪲🦠 Parasitic extensions installed on nearly 1 million devices have been circumventing security protections, turning browsers into web scrapers. That volume booster you used to max out Netflix might be an AI spy. 1/5
What links these addons is an open-source JavaScript library called MellowTel-js, which monetizes extensions. Business customers, such as AI startups, pay to scrape websites through users’ browsers. Customers request specific pages, and the users then retrieve that data. 2/5
A researcher identified this as posing a risk to users who install extensions with MellowTel, as factors such as users' location are sent back to an AWS server. The extension also injects a hidden iframe into pages and connects to a list of sites specified by this server. 3/5
“This weakening of all web browsing can open users up to attacks like cross-site scripting that would generally be prevented,” said the researcher; users are not only “unintentionally becoming bots, but their actual web browsing is more vulnerable as well.” 4/5