Google Cracks Down on Malicious Chrome Extensions

Apps and Software

Photo by: geralt via Pixabay


Be careful when downloading desktop Chrome extensions, warns Lily Hay Newman of Wired.

While they may allow flawless access to services such as Evernote, password managers or bitmoji, there may be malware lurking inside them, even if downloaded from the official Chrome Web Store.

Malicious extension downloads have gone down by 70 percent over the last two and a half years, according to Google, but they are increasingly being used in criminality, notes William Peteroy, CEO of the security firm Icebrg.

Because it commands more than half of the browser market, attacks on Chrome affect the most number of people. Icebrg discovered four malicious extensions on the Chrome Web Store that had more than 500,000 downloads combined, with such names as Stickies or Lite Bookmarks.

They are part of the clickfraud scams designed to increase revenue for the attackers, and these could access user data. Google had the four extensions removed after being informed by Icebrg.

James Wagner, a Chrome product manager, said Google is working hard to keep the extensions ecosystem free from malware and abuse. Wagner added that they are using machine learning to uncover malicious behavior in extensions.

But just the same, malicious extensions show up regularly since Chrome is already a reliable application, and when the users run certain programs on it, such as extensions, their operating system and antivirus software usually ignore it.

Hackers have also found ways to get their products on the Chrome Web Store and modify them remotely once downloaded to activate harmful features.

In October 2017, Google also took down three extensions that were copying AdBlock Plus, with one already having 40,000 downloads.

The most important thing that users can do to protect themselves from malicious Chrome extensions is to choose carefully what they want to download and to use extensions only from reliable sources.

It is also important to determine what permissions the extensions ask from users before they can be installed.