Monday, September 18, 2023

Huh. So they didn't do this?

Chrome browser to notify you when an extension is removed from the Chrome store:

Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware.

An unending supply of unwanted browser extensions is published on the Chrome Web Store and promoted through popup and redirect ads.

These extensions are made by scam companies and threat actors who use them to inject advertisements, track your search history, redirect you to affiliate pages, or in more severe cases, steal your Gmail emails and Facebook accounts.

The problem is that these extensions are churned out quickly, with the developers releasing new ones just as Google removes old ones from the Chrome Web Store.

Unfortunately, if you installed one of these extensions, they will still be installed in your browser, even after Google detects them as malware and removes them from the store.

Kudos to Google on this but it's a little surprising that this wasn't in from day one.  And the fact that they did this makes you wonder just how big a problem this is.  My take is "big".

And as to extensions, remember Borepatch's First Law of Security from back in 2008: "Free Download" is Interwebz-speak for "open your mouth and close your eyes."


Old NFO said...

Yep, sigh...

matism said...

Never forget that MANY of those apps are from FedGov! And Google dares not touch them.

lee n. field said...

One of the first things I'll do on a customer PC with weirdness issues, is check Chrome extensions, and remove anything remotely sketchy looking.

Aesop said...

One might have thought Chrome would run a check on the extensions offered before offering them at the Chrome Web Store.

What they're doing now is the digital equivalent of a bakery testing cookies for poison after they sold them to you and you ate them.

How mighty white of them.

Matthew W said...

Before I started using Brave, I used Chrome. I only installed extensions that had long, historical track records.