Google removes malicious Chrome extensions with 1.4 million users

By now you probably know that you need to exercise caution when installing new programs on your computer. But savvy web users know that the same thing applies to web browser extensions — which are, in a way, merely smaller programs on a more specific platform. Such is the case with a series of five Chrome browser extensions Google recently removed from its official Chrome Web Store repository.

The five extensions had been installed by a combined 1.4 million users before Google took them down. According to a report by McAfee security researchers (via Ars Technica), the extensions kept a list of every website visited by the user, along with their location down to the city and county. The extension would then inject custom Javascript ads onto certain websites, earning the developers some ill-gotten advertising revenue. In an especially tricky twist, some of the extensions would wait fifteen days to inject its advertising, making the source of the problem all the harder to track down.

Extensions hijacking browsers in order to plaster the web with even more ads is nothing new. It’s the fact that these extensions appeared on the Chrome Web Store, ostensibly with Google’s seal of approval, that allowed them to affect such a wide array of users. You can admonish users for being careless all you want, but if Google hosts the extensions and presents them directly to users, the company bears some of the responsibility. But initial testing and scans can only do so much, especially when popular extensions can be sold to less-scrupulous new owners.

The affected extensions are “Netflix Party,” “Netflix Party 2,” “FlipShope – Price Tracker Extension,” “Full Page Screenshot Capture – Screenshotting,” and “AutoBuy Flash Sales.” If any of them are on your Chrome browsers or Chrome OS devices, remove them now.