If you’re using the Avast Online Security, AVG Online Security, Avast SafePrice, or AVG SafePrice extensions in your browser of choice, stop. Avast is collecting user data, for this reason Mozilla removed all four extensions from its add-on site. Opera has also removed them.
A report from ZDNet states that the data harvesting was discovered by Wladimir Palant, creator of the Adblock Plus extension. In October Palant published an article about it and labeled Avast’s browser extension as Spyware.
Another post by Palant confirms that both Mozilla and Opera have removed Avast’s extensions from their sites; they remain on Google Chrome.
Another product of concern is the Avast Secure Browser, which has the Avast Online Security extension installed by default and hidden from the extension listing. If you use that browser, your data is being collected, Palant says.
Palant believes that Avast is using the technology of a company they acquired in 2013 called Jumpshot. This company collected very detailed data from millions of online users.
An Avast spokesperson said the following concerning this: “The Avast Online Security extension is a security tool that protects users online, including from infected websites and phishing attacks … It is necessary for this service to collect the URL history to deliver its expected functionality. Avast does this without collecting or storing a user’s identification. We have already implemented some of Mozilla’s new requirements and will release further updated versions that are fully compliant and transparent per the new requirements… These will be available as usual on the Mozilla store in the near future.”
When Palant looked at the data being sent to Avast’s servers he found it included the full address of the page visited, the page title, address of the referrer page, identifier for the window and tab ID loading the page, how you got to the page (bookmark, typed address, etc.), if you have visited the page before, country code, two different unique user IDs, browser type, and operating system used including version number. Other fields existed, including IP address and a hardware identifier, but they were unused at the time of review.