Avast has been harvesting user data, according to Wladimir Palant, creator of the Adblock Plus extension, prompting Mozilla and Opera to remove all four extensions from their add-on sites.
If you currently use the Avast Online Security, AVG Online Security, Avast SafePrice, or AVG SafePrice extensions in your browser of choice, stop. Avast has been found to be harvesting user data, which led Mozilla to remove all four extensions from its add-on site. Opera has also removed them.
As ZDNet reports, the data harvesting Avast is carrying out was first discovered by Wladimir Palant, creator of the Adblock Plus extension. In late October, Palant posted his findings and labeled Avast’s browser extensions as spyware. When active, Avast receives anonymized data that “allows reconstructing your entire web browsing history and much of your browsing behavior,” he said.
A new post by Palant this week confirms that both Mozilla and Opera have removed Avast’s extensions from their sites; they remain on Google Chrome.
Another area of concern is the Avast Secure Browser, which has the Avast Online Security extension installed by default and hidden from the extension listing. If you use that browser, your data is being collected, Palant says.
Back in 2013, Avast acquired the company Jumpshot, which created a “clickstream data” product able to collect very detailed data from millions of online users. Palant believes it’s this technology Avast is using in its browser extensions to collect the data.
An Avast spokesperson told ZDNet the following: “The Avast Online Security extension is a security tool that protects users online, including from infected websites and phishing attacks … It is necessary for this service to collect the URL history to deliver its expected functionality. Avast does this without collecting or storing a user’s identification. We have already implemented some of Mozilla’s new requirements and will release further updated versions that are fully compliant and transparent per the new requirements … These will be available as usual on the Mozilla store in the near future.”
When Palant looked at the data being sent to Avast’s servers he found it included the full address of the page visited, the page title, address of the referrer page, identifier for the window and tab ID loading the page, how you got to the page (bookmark, typed address, etc.), if you have visited the page before, country code, two different unique user IDs, browser type, and operating system used including version number. Other fields existed, including IP address and a hardware identifier, but they were unused at the time of review.