The Web Of Trust (WOT) add-on was removed silently by the popular web browsers Google Chrome and Mozilla Firefox soon after it was reported on German media that the add-on ‘Web Of Trust’ collects and sells the browsing history of users to third-parties, without even bothering to anonymize the user data.
Mozilla spokesman said,
“Mozilla removes browser extensions when we find that extensions violate our guidelines for add-ons. We received complaints about ‘Web of Trust’, which are related to how transparent the add-on works.”
WOT is one of the most trusted and popular add-ons used by millions of users worldwide to check the safety ratings of websites. German news site recently reported that the add-on is malicious and can remotely execute arbitrary commands on any web page browsed by the users including privileged browser pages.
While WOT hands over the users’ data in an anonymized form, it can be severely critical. As per the analysis reported by Rob, a Security Technology student and AMO editor working on Firefox WebExtensions, WOT can also steal the banking credentials of the users besides installing malware in their system.
Downloaded more than 140 million times, the extension WOT collects and sells information like user ID, web address, location, time, and date. Among other things, data stored by WOT also include the travel details of users, sexual preferences as well as illness of users. This information is sold to third parties, which is further sent to the interested marketing companies.
While browsers like Google Chrome, Opera and Firefox have already removed WOT from their stores, the Android app WOT Handyschutz is still available in the Play Store.
You can check out the entire analysis report here and learn more about it.
UPDATE – WOT has responded with a statement:
We take our obligations to you very seriously. While we deployed great effort to remove any data that could be used to identify individual users, it appears that in some cases such identification remained possible, albeit for what may be a very small number of WOT users. Of course, if the data allows the identification of even a small number of WOT users, we consider that unacceptable, and will be taking immediate measures to address this matter urgently as part of a full security assessment and review.
So will you be uninstalling WOT from your browser?
