Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Google recently kicked 500 dodgy extensions from Chrome Store

 

Security researchers revealed this week that Google recently removed more than 500 extensions from its Chrome Web Store after learning that they injected malicious ads into people’s browsing sessions.

Recommended Videos

Independent researcher Jamila Kaya worked with Cisco’s Duo Security team on the investigation (initially shared with ZDNet), which uncovered what Duo described as “a large-scale campaign of copycat Chrome extensions that infected users’ browsers.”

The extensions were able to exist on the Chrome store as they were designed in a way to beat Google’s fraud detection systems. But they were eventually exposed by Kaya and Duo’s own research methods, which made use of the latter’s free Chrome extension security assessment tool, called CRXcavator.

During the course of their joint investigation, the pair were able to find 70 malicious extensions with a total of around 1.7 million installs globally. After informing Google, the company continued with the case and was able to locate a further 500 similar extensions, all of which it removed from the Chrome Web Store. The web giant was also able to deactivate the extensions on browsers that had them installed, and mark them as malicious to encourage users to remove them entirely.

While the malicious code injected by the extensions sometimes led to ads for sites like Macy’s, Dell, or BestBuy, it wasn’t always the case. Duo said the extensions’ activity could be considered as malvertising and ad fraud rather than legitimate advertising because, 1) it involved a large amount of ad content, 2) many of the ads were hidden from the user, and 3) the user was sometimes redirected to malware and phishing sites.

In a statement, Google said it appreciated the work of the research community on such matters, adding, “When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses. The company also said that it does regular sweeps to search for malicious extensions and removes any that it finds.

The troubling incident is a good reminder to take a moment to review all of the extensions that you currently have on your computer. If you’re unsure about any of them, do a spot of research before deciding if they’re legitimate, and uninstall any that you no longer use.

“As part of good security hygiene, we recommend users regularly audit what extensions they have installed, remove ones they no longer use, and report ones they do not recognize,” Duo Security said. “Being more mindful and having access to more easily accessible information on extensions can help keep both enterprises and users safe.”

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Google boosts enhanced security with AI-powered upgrade
Person using Google

Google has strengthened Chrome's security with AI-driven real-time protection, helping safeguard your PC from dangerous downloads, sites, and extensions, as spotted by Leo on X (via Bleeping Computer). Google tested the update for three months, but it's now distributing it to all users on the stable channel.

The key change is the addition of AI-protection to the security feature, which is part of safe browsing, that's been around for years. However, users should remember that browsing data is sent to Google when you enable Enhanced Protection. Google renamed the feature to highlight AI integration, but how the new version varies from the previous one is unclear.

Read more
It looks like Microsoft has yet another anti-Google trick up its sleeve
Microsoft Edge appears on a computer screen with plants and a window in the background.

Microsoft drew attention at the beginning of this month for showing rather misleading Google-style search bar when users searched for the rival engine on Bing. Now, it appears the company is targeting the Chrome browser as well. Spotted by Windows Latest, some users may see a big banner pushing Edge when they search for Chrome while using Microsoft's browser.

The real dodgy part, however, is the fact that this banner just happens to partially hide the Chrome download link behind a "See more" button.

Read more
Google is testing a feature that will let AI hide away internet pop-ups
Google Chrome browser running on Android Automotive in a car.

Google is testing a new feature in Chrome Canary, the experimental version of the Chrome browser. As reported by TechRadar, the "PermissionsAI" feature is designed to deal with pop-ups from websites asking you to share your location or consent to notifications.

According to Chromium, the tool will use Google's "Permission Predictions Service" and Gemini Nano v2 to analyze users' previous responses to pop-ups and guess how they will respond to new ones. If you're likely to decline, the feature will block the annoying pop-up that appears in the middle of your screen and instead hide it away in a corner in case you need it later.

Read more