Avast and AVG browser extensions caught collecting user data

Avg Avast Logo - Featured image

Online security browser plug-ins created by Avast and AVG to protect users have been caught spying on them instead.   

The culprits, Avast Online Security, Avast SafePrice, AVG Online Security, and AVG SafePrice, were found to be unnecessarily collecting vast amounts of data about users’ browsing history.   

Wladimir Palant, creator of AdBlock Plus, first broke the news back in an October blog post, but reported the violations to Mozilla and Google just last week. 

By examining network traffic, Palant learned that the free antivirus solutions were transmitting users’ browsing history, visited URLs, frequency of website visits, and operating system versions.

Before Palant’s blog post, Avast’s privacy policy included language that has since disappeared from the text: “We collect device and network data from all users. We collect and retain only the data we need to provide functionality, monitor product and service performance, conduct research, diagnose and repair crashes, detect bugs, and fix vulnerabilities in security or operations (in other words, fulfil [sic] our contract with you to provision the service),” the page read. 

Since then, Avast said that it was working with Mozilla on updating its add-ons.

Mozilla responded to the news by removing the problematic extensions from its add-on store. However, Mozilla has not blacklisted the extensions, confirming that they are still talking to Avast.  

Meanwhile, the extensions are still live on Chrome. Google has yet to make a statement on the matter.