Google has this week banned a couple of Google Chrome extensions from its store after they were modified to deliver malware and adware to users via the Google Chrome silent update service.
Google Chrome extensions give Chrome users a great way to add functionality to their browser in the form of shortcuts and utilities. However, Chrome extensions can easily be transferred and sold to another party, as in this case, allowing them to be tampered with and updated silently via the Google Chrome update system, which runs in the background.
Whenever a Google Chrome extension is updated, the Chrome browser indicates this to the user with a small flash graphic across the extension's icon in the browser header dashboard. This alerts the user to the update, but by then the update is already in place, and it may still go unnoticed for some time.
Malware and adware vendors have now started exploiting this by purchasing Google Chrome extensions from their developers and then changing the extensions' code to push their own brand of malware and adware onto unsuspecting Chrome users. Ars Technica explains:
“Once the deal is done and the ownership of the extension is transferred, the new owners can issue an ad-filled update over Chrome’s update service, which sends the adware out to every user of that extension.”
Even though Google is not explicitly responsible for such unwanted malware, it has not yet released any statement regarding the exploits that have allowed malware to be uploaded to Chrome extensions. As soon as it does, we will keep you informed of developments.
Source: Ars Technica