Beware of Citrio, an iffy Chrome-based browser

A few readers of the Google Chrome portion of Reddit noticed a bevy of posters that seemed to exist solely to promote a Chrome-based browser called Citrio. What started out as annoyance from the spamming turned a bit more dastardly as one person looked more deeply into the Citrio browser.

A user that goes by the moniker bmoc alerted fellow Chrome enthusiasts to the issue of the spam posters and, further, some strange behaviors observed by the browser and the company promoting it.

Upon visiting Citrio browser’s website, the main sales pitch revolves around improved download management, ability to download torrents within the browser, and a built-in proxy manager. Otherwise, the features list seems to just boast of the same things that make Chrome a popular browser: claims of speed, malware protection, and Google sign-in capabilities. Nothing too alarming or, in all honesty, incredibly useful.

The Reddit poster notes that upon installation, 5 hidden extensions begin downloading silently in the background.
The Reddit poster notes that upon installation, 5 hidden extensions begin downloading silently in the background. These apparently don’t look nefarious and the code is visible.

However, when the browser is first launched, another extension is sneakily downloaded. This one lacks open code and requires permission to view several Google webpages, particularly those that involve commerce, like Google Wallet. It then replaces some of the browser’s stock images for Google Wallet, for some reason. Since the JavaScript code downloaded with this extension isn’t visible, it is difficult to say with certainty what is going on.

After a few unsuccessful attempts to link to the company’s privacy policy, finally the proper link was found. You can view the privacy policy yourself. It more or less openly admits that it plants tracking cookies into your browser to report back to Citrio. The browser is apparently developed by a firm called Epom, which describes itself as “one of the most successful startups in ad serving and ad management spheres globally.”

While we can’t say so conclusively, it seems a lot like this browser was developed to collect and track its users’ information for the purpose of selling ads. The business about accessing Google Wallet pages is even more concerning, but the info collection scheme alone is more underhanded than Google, who at least makes it clear that you are storing your information with them.

One of the spammers, who apparently is affiliated with Citrio, responded to the post back when the link to their privacy policy was broken:

Dude, I told you, get some medical help. Once again, here’s privacy policy: Learn how to use damn web-sites! I’m tired of you, seriously.

If nothing else, they could use some work with customer relations.

Featured image by Robbert van der Steeg (Flickr)

[via Reddit]