Mozilla removed Avast and AVG-developed extensions from Firefox

Mozilla has removed four extensions for Firefox from Avast and its affiliate AVG from the official extension catalog: Avast Online Security, AVG Online Security, Avast SafePrice, and AVG SafePrice.

The fact is that these products collected user data (referrer addresses, unique UIDs, country code, browser name and version, OS information, etc.) and traced user’s history.

The first two extensions warned users when switching to known malicious or suspicious sites, two more were intended for online buyers, showed price comparisons, great offers and affordable discount coupons.

Extensions were removed after Mozilla received a warning from AdBlock Plus developer Vladimir Palant. The fact is that at the end of October he studied the work of Avast Online Security and AVG Online Security, and found that add-ons collect much more data than is necessary for their work, including a detailed browser history.

Are you one of the allegedly 400 million users of Avast antivirus products? Then I have bad news for you: you are likely being spied upon. The culprit is the Avast Online Security extension that these products urge you to install in your browser for maximum protection”, — wrote IS expert.

Palant then posted another blog post about the similar behavior of Avast SafePrice and AVG SafePrice.

As October blog post did not attract much attention and received little publicity, Palant was forced to contact Mozilla engineers directly this week. After that, all four extensions were removed within 24 hours.

Read also: Firefox developers create additional protection against code injection attacks

Interestingly that currently, all four add-ons are still available in the Chrome Web Store, although Google, like Mozilla, prohibits this behavior of add-ons. Palant writes that it’s more difficult to remove extensions in the case of Google, since deletions usually occur only after widespread media coverage.

Avast representatives have already stated that Avast Online Security simply needs to collect a history of URLs to provide users with security, because the addon is designed to protect against phishing and malicious sites.

We have already implemented some of Mozilla’s new requirements and will release further updated versions that are fully compliant and transparent per the new requirements”, — the Avast spokesperson said.

It is emphasized that data collection is carried out without user notification. Avast developers promised to solve the problem soon: release an updated version of the extension, following all Mozilla standards, and assured that the addon will soon return to the catalog.

About the author

Valdis Koks

Security engineer, reverse engineering and memory forensics

Leave a Comment