A team of security scientists have found malware in a favorite Chrome extension that might have sent the browsing information of over 1.2m users to a single IP address.

ScrapeSentry credits its research workers with uncovering “a dark side effect to a free program which possibly leaks [users’] private info back to one IP address in the USA”.

ScrapeSentry submitted its findings to Google and analysed the dodgy Chrome extension.

Webpage Screenshot, the violating malware, was taken out of the Chrome Extension web store on Tuesday. The extension seemingly enabled users to get screenshots and save them for later editing.

In a scripted statement Zetterlund said: “We recently identified an uncommon pattern of traffic to one of our customer’s websites which alarmed our researchers that something was really wrong.”

He included: “Everything downloaded from the web should be addressed with feeling, itis wise to look what others need to say about software and extensions first if you do not have the knowledge to pick them apart yourself.”

“And obviously, if it is not discontinued, the plugin may, at any particular time, be upgraded with new malicious functionality too. We’d expect Google will look into this security violation with some urgency,” he added.

Said the company man, it was utilized to understand who the users of the expansion were and where they were found to help drive development of the code.