Google extensions pulled over malware shows that even the incredibly widespread web browser, Google Chrome, has trouble with cyber attacks and online threats this week. The company has confirmed in a statement that due to malware risks being pushed onto Chrome users by extensions, 2 of its affected products are being taken off of the market. AJC News reports this Tuesday, Jan. 21, 2014, why many users of this popular Internet surfer source should certainly reconsider before simply downloading their next extension for immediate use.
Having Google extensions pulled began in part due to a well-known technology blogger — Amit Agarwal, known for the Add to Feedly extension to enhance the overall subscription RSS program — mentioned someone wanting to buy his popular extension once it had garnered well over 30,000 individual home users.
"It was a 4-figure offer for something that had taken an hour to create and I agreed to the deal,” he said.
Soon afterwards, the new owners of Add to Feedly began to input adware updates to the extension with their newly acquired purchase. Instead of being a helpful add-on for RSS service users, it now did little more than infect computers with a number of pop-up ads, malware risks, and malicious links.
Another popular Chrome extension known as “Tweet this Page” — and the second of the 2 Google extensions pulled off the market — was also highlighted by another technology blogger as a serious malware threat to computers.
"About a month ago, I had a very simple Chrome extension called 'Tweet This Page' suddenly transform into an ad-injecting machine and start hijacking Google searches. ... The extension only started injecting ads a few days after it was installed in an attempt to make it more difficult to detect."
It appears that in both situations, buyers decided to use the former popularity and safety of the extensions to their advantage into tricking both old and new users. The issue was also cited in part due to Google Chrome’s overall poor security standards at the time.
"Google doesn't review changes to the code of Chrome extensions, and Chrome allows extensions to be updated and pushed to users' computers automatically."
“Google has since removed both applications from its massive store due to these issues, but the practice of spreading malware through Chrome extensions remains a present threat.”