Valid arguments about a possible industrial espionage campaign are being raised surrounding a Google Chrome extension that was caught collecting browsing history, ZDNet has learned from ExtraHop, a real-time IT analytics firm.
The company said today it detected the malicious code hidden inside a Google Chrome extension aimed at web developers. The extension, named Postman, is still available in the Chrome Web Store, despite ExtraHop reporting it to Google more than a month ago.
The extension, which has over 27,000 installs, is a blatant clone of Postman, another popular Chrome extension that can be used for testing and real-time editing of API requests.
Because of its features, the extension is usually found installed on Chrome browsers used by web developers.