Review

Easy Auto Refresh Is Malware

Rate this post



Looking at the Chrome Extension Easy Auto Refresh which sends an Unencrypted log of all your browsing history to edatasales.com, a site based in Hong Kong.
It doesn’t matter if you are browsing HTTP or HTTPS, all the data will be send out in an easily readable form.

If you’re using the extension, I recommend removing it.

Easy Auto Refresh:

Please donate and help support my work:
Patreon:
Paypal:

Google+
Twitter:
Minds:

Tag: easy auto refresh, Easy Auto Refresh, edatasales, Malware, Spyware, Chrome, Firefox, Extension, Addon, Security, Computing, Windows, Linux, Quidsup

Xem thêm: https://blogthủthuật.vn/category/review

Nguồn: https://blogthủthuật.vn

25 Comments

  1. Hello,

    At 4'10'', your declare that since the add-on sends the site in cleartext in HTTP it undermines the security purpose of HTTPS. It does not.
    You seem to think that HTTPS hides the hostname of the website you visit but this is not the case. HTTPS will hide the rest of the URL though but anyone sniffing will see you:
    – Resolve the hostname (DNS)
    – Open a connection to it

    Reply
  2. I am also interested in cyber security stuff, though I'm a newbie, getting into 3rd and last year of University (before Master degree) where I learned nothing new that I didn't already know or could easily find on a web engine search. I'm currently working as IT Support which gives me a lot of free time, but I'm not sure where to start my career as security analyst. Any ideas? (I don't intend to change my job this year though, so something that I can do by myself at home or in my free time at work, thanks).

    Reply
  3. At the time I have seen this video of yours, was two thumbs down… wonder why!!. Personally haven't found this video of yours interesting, but but brilliant, very brilliant, thank you a lot Qdup. Thumbs up for me.

    Reply
  4. sudo vim /etc/hosts
    Add line to bottom: 127.0.0.1 edatasales.com
    Now when any process on your computer tries to access that domain, it'll be redirected to localhost, the traffic won't even reach the network card, let alone the internet.

    Reply
  5. Oh crap, I used that extension back in April to try to autorefresh a specific page, glad I removed it long ago! I didn't even think about this, during the time I used it! It was also the free edition, glad I don't have this now.

    Reply
  6. I believe that URLS are always clear text, even when going to an https site. So, anyone on your network sniffing your packets would see that no matter if you have that plugin or not.

    Reply
  7. Holy shit, this hits close to home. I've had this addon installed for the better part of 5 years. Shit, i really wonder how much information they have on me now :S

    Reply

Post Comment