Follow Us

Google Pulls Two Chrome Extensions For Pushing Malware

After extensions Add to Feedly and Tweet This Page turned into malware, users have begun complaining about Google's lax security policies.

Google Pulls Two Chrome Extensions For Pushing Malware

Google

Posted: 9:27 p.m. EST Jan 20, 2014

If you use Google's popular web browser Chrome, you may want to think twice before downloading your next extension. The company recently pulled two products from its extension store after they started pushing malware on their users.

The story starts with Amit Agarwal, a tech blogger who created the Add to Feedly extension to augment the popular RSS service. In a blog post, Agarwal says someone offered to buy his extension after it gained around 30,000 Chrome users. "It was a 4-figure offer for something that had taken an hour to create and I agreed to the deal." (Via Digital Inspiration)

A few months after the purchase, Add to Feedly's new owners quietly updated the extension with adware. The once-useful add-on now injected malicious ads onto webpages, replacing links and confronting users with pop-ups. (Via OMG Chrome)

After Add to Feedly's woes went public, a writer for Ars Technica shared a similar experience he had with a different Chrome extension.

"About a month ago, I had a very simple Chrome extension called 'Tweet This Page' suddenly transform into an ad-injecting machine and start hijacking Google searches. ... The extension only started injecting ads a few days after it was installed in an attempt to make it more difficult to detect."

The Wall Street Journal notes in both cases malware purveyors took advantage of an existing extension's user base and Chrome's lax security standards. "Google doesn't review changes to the code of Chrome extensions, and Chrome allows extensions to be updated and pushed to users' computers automatically."

Google has since removed both applications from their store, but the practice of spreading malware through Chrome extensions is still a threat.

One developer for the Chrome extension Honey recently held an Ask Me Anything on Reddit, revealing the add-on had received numerous buy-out offers from malware companies and data collection firms. According to Google, Honey has about 300,000 users.

And Quartz points out Chrome's security team still mostly relies on user reviews to police their extension store. "Google looks like it's taking a more proactive role in enforcement, but it is still a long way from Apple's in-house regulatory commission, or even Firefox's less-rigorous editorial review."

Back in December, Google announced it will limit add-ons to a single function, getting rid of Trojan Horse extensions which deliver ads in addition to their normal use. The policy goes into full effect in June.

Top Stories

Joe St. George, Daniel Lippman, Adam Cancryn, Andrew Rafferty (left to right, top to bottom)

Inside the Race: Kennedy family backs Biden over RFK Jr.

Politico White House Reporter Adam Cancryn and White House and Washington Reporter Daniel Lippman join Scripps News on this weekend's Inside the Race.

The U.S Capitol photographed through a House Cannon building window on Wednesday, Jan. 10, 2024, in Washington.

Senate passes surveillance program renewal despite privacy concerns

U.S. officials have said the surveillance tool is crucial in disrupting terror attacks, cyber intrusions, and foreign espionage.

People celebrate King's Day in the center of Amsterdam

Amsterdam to halt hotel construction in bid to control tourism

Dutch authorities said they want to control a city that is overrun with tourism, in their eyes. The effort would also control annual hotel stays.