For long users have been warned of third-party Android apps might be hiding some malware as well. But your hyper-vigilant download habits should extend beyond your smartphone. You need to keep an eye on your desktop Chrome extensions as well.
As with Android apps, though, Chrome extensions can sometimes hide malware or other scourges, even when you install them from the official Chrome Web Store. Google says that malicious extension installs have decreased by roughly 70 percent over the last two and a half years, but a steady stream of recent research findings show that the problem, and risk to users, is far from resolved.
“What we’re seeing is an increase in criminal use of extensions,” says William Peteroy, CEO of the security firm Icebrg. “And when we start to see criminal pickup on things it absolutely meets our bar that this is something we need to pay attention to, and something users need to start paying a lot more attention to than they are right now.
Other browsers suffer a similar onslaught, but with almost 60 percent market share, attacks on Chrome users will generally affect the largest number of people, making it a prime target for criminal hackers. Icebrg recently highlighted four malicious extensions in the Chrome Web Store that had more than 500,000 downloads combined. The extensions masqueraded as standard utilities, with names like “Stickies” and “Lite Bookmarks.” The researchers saw indications, though, that they were actually part of click-fraud scams to boost revenue for attackers. And the extensions requested enough privileges that they could have snooped even more, accessing things like user data, and tracking their behavior. Google removed the four extensions after Icebrg disclosed them privately.
“Since the creation of the extensions platform, we’ve worked hard to keep the extensions ecosystem free from malware and abuse,” says James Wagner, a Chrome product manager at Google. “We’re using machine learning to detect malicious behavior in extensions, and … we’ve been particularly focused on cracking down on abusive distribution methods.” In particular, the Chrome team has been working to detect and block situations where websites push users to get an extension, sometimes trapping them in layers of installation pop-ups that try to trick people into installing.