Chrome extensions ripe for adware/malware filled "silent" updates
Posted by: Jon Ben-Mayor on 01/20/2014 06:09 AM
[
Comments
]
The ownership of a Chrome extension would seem to be a no brainer as far as safety is concerned, right? This is not the case - as the ownership can (and does) get transferred without any notification to the user, opening up you up to pushy adware and maybe something even worse.
Malware and adware vendors have caught on to this fact and have begun attempting to make cash offers to authors in hopes of getting a ready made adware or malware distributor from the extensions.
The vendors are exploiting the very extension system to deliver their product onto unsuspecting users.
According to Ars Technica, once the deal is done and the ownership of the extension is transferred, the new owners can issue an ad-filled update over Chrome's update service, which sends the adware out to every user of that extension.
They go on to give an example of one such extension that turned to the dark side; a simple Chrome extension called "Tweet This Page" was suddenly transformed into an ad-injecting machine and started hijacking Google searches. The extension in question has since been removed, but it looks like another, with a very similar name has replaced it.
Pay attention to what extensions you have and maybe even take the time to read some of the reviews just to be safe. A little time spent double checking now will save a lot of time uninstalling and re-configuring your settings later.
Malware and adware vendors have caught on to this fact and have begun attempting to make cash offers to authors in hopes of getting a ready made adware or malware distributor from the extensions.
The vendors are exploiting the very extension system to deliver their product onto unsuspecting users.
According to Ars Technica, once the deal is done and the ownership of the extension is transferred, the new owners can issue an ad-filled update over Chrome's update service, which sends the adware out to every user of that extension.
They go on to give an example of one such extension that turned to the dark side; a simple Chrome extension called "Tweet This Page" was suddenly transformed into an ad-injecting machine and started hijacking Google searches. The extension in question has since been removed, but it looks like another, with a very similar name has replaced it.
Pay attention to what extensions you have and maybe even take the time to read some of the reviews just to be safe. A little time spent double checking now will save a lot of time uninstalling and re-configuring your settings later.
Comments
