Recently, Google has removed two extensions from Chrome after they delivered malware to Chrome users. The malicious ads began displaying after the extensions were purchased from their original developers. Actually, Chrome users can modify their experience with extensions, which are essentially apps for the web browser.
The extensions that were recently banned, are Add to Feedly and Tweet This Page. They had modest followings of several thousand users each, but were recently purchased. The new owners took advantage of a Chrome feature that allows developers to update their extensions without notifying users – the updates added malware ads to the extensions.
Their banner ads are not the regular ones that you see on web pages. They are invisible ads that work the background and replace links on every website that you visit into affiliate links. In simple English, if the extension is activated in Chrome, it will inject adware into all web pages.
Amit Agarwal, the original developer for Add to Feedly said he decided to sell his software after being offered a four-figure sum. About a month after selling it, Add to Feedly began delivering the malware. “It was probably a bad idea to sell the Chrome add-on and am sorry if you were an existing user,” he said.
Add to Feedly and Tweet This Page are likely not the only Chrome extensions that have been purchased from their original owners so that they can be used to deliver malware. The developers of Honey, another Chrome extension, said they have been approached for similar reasons. Over the past year they have been approached by malware companies that have tried to buy the extension, data collection companies that have tried to buy user data, and adware companies that have tried to partner with them.
Google’s removal of the two extensions comes after the company updated its Chrome Web Store policies in December. The recent bans suggest the tech giant plans to take a harder stance against those who take advantage of their users.