Malicious Chrome Extensions and What You Can Do About Them
Google has recently removed almost 200 extensions from its Chrome catalogue after finding that they were malicious. Around 14 million people had been tricked into using the extensions, which were discovered during research. Google looked at over 100 million visits to its sites and found that around 5% of people visiting its sites each day had used at least one malicious add-on.
Some malicious extensions push adverts and pop ups on their users, but others are created in order to steal personal information such as login data, bank details or steal bitcoins. Most dangerous extensions are often easy to spot, but some extensions are more difficult to analyse as they use methods seen in add-ons that aren’t malicious. For example, you would think that software designed to change or replace adverts on a page may be seen as malicious, however extensions such as AdBlock does a similar thing in a helpful way by hiding unnecessary paid-for content on webpages.
The full findings of the research will be published in May but Google has acted on early data to remove 192 potentially harmful extensions from its Web Store. In the case of extensions that flood users with ads, the same few developers were often behind many of the add-ons, meaning that the problem may be easy to tackle.
The University of California Santa Barbara has been working with Google to help develop algorithms that can spot potentially malicious extensions and report them for investigation as Google has received over 100,000 complaints about ad-injecting extensions this year alone. But until tighter security is established, there are a few things you can do to help keep your Chrome browser safe from harmful add-ons.
Routinely scanning your computer for viruses and malware may help to alert you to any bad extensions or browser-controlling software you may have downloaded. Sometimes safe extensions are purchased by hackers for malicious purposes and so malware may be downloaded onto your computer when the extension is updated. Scanning your computer with a service such as Malwarebytes can help to keep you safe if previously safe software has changed.
Before downloading and installing a new extension, make sure to read reviews and check ratings to see what others have said about whether the extension does what it claims. Also be sure to pay attention to small print and extra details as well as any option boxes that have been automatically ticked. Ad-injecting extensions do not violate Chrome’s policies if they clearly state what they do, however there may be more unwanted features hidden in small print.
Installing an extension such as Shield For Chrome can help you identify which of your current extensions may be harmful and it will also alert you to potential malware in extensions you want to download in the future. As previously mentioned, some useful extensions also use techniques and code which could be seen as malicious, but for a helpful cause. So Shield can only go so far in determining which add-ons are useful versus harmful and vise versa.
If Chrome is acting slow, no longer blocking pop ups or you seem to be seeing more adverts than normal, you may have a malicious extension accidentally installed. In this case you should go to Chrome menu > More tools > Extensions then locate the potentially harmful extension and click the trash icon to remove it. If your settings have been changed so that your home page or search engine open as websites that you didn’t choose, you can reset Chrome settings by going to Chrome menu > Settings > Show advanced settings and clicking on ‘Restore settings’.
While adware and malicious extensions aren’t native to Chrome, it’s clear that Google has had problems in sorting and verifying the safe extensions from the harmful. Until the reports are published and Google has had chance to crack down further on the Chrome Web Store, make sure to do the best you can to keep your browser free from ads and spyware.