A Google Chrome browser plugin can be used to expose the email addresses of LinkedIn users.
The plugin, called Sell Hack, can be installed on any Chrome browser and when users of it browse LinkedIn profiles, a “hack in” icon appears.
LinkedIn is said to be taking legal action over the plugin and advised users to uninstall. However, the nature of the plugin is such that its users will most likely not heed LinkedIn’s warning until threatened with stronger action.
Sell Hack insists that the the tool was created for marketing professionals and that all data is publicly available. On its website it said: “We just do the heavy lifting and complicated computing to save you time, We aren’t doing anything malicious to LinkedIn.”
LinkedIn however issued Sell Hack with legal documents. A spokesmen said: ”We are doing everything we can to shut Sell Hack down. On 31 March LinkedIn’s legal team delivered Sell Hack a cease-and-desist letter as a result of several violations”.
LinkedIn, as of June 2013 (more recent stats couldn’t be found) had 259 million users, so the potential number of affected users is likely to be huge.
Google Chrome has many plugins and tools that can be downloaded free of charge by users. Whilst most have no malicious intent or use, most plugins are produced by third parties, so the potential for malware to be produced is there.
The full consequences of the plugin are yet to surface, however it is expected that many users will certainly receive nuisance emails as a result of this.