Until yesterday, I thought that all the extensions in the Google Chrome store were completely safe. But with a recent incident it turned out to be the opposite. Recently Amit aggarwal, tech blogger and the developer of a popular Chrome extension called Add to feedly, sold it off to an person who paid him a good hefty amount it.
After a few weeks, Amit was taken aback when saw numerous negative comments on his sold off Chrome extension. As It turned out to be the buyer had modified the extension to insert advertisements on websites which replaced links with affiliate links. These links were invisible to most why is why the misleaded users of the extensions to affiliate sites.
The good thing is Google has now removed the add to feedly extension along with another plugin Tweet this page, which was also acquired by an unknown firm and later modified to server invisible ads. Since Chrome extensions are automatically updated in the background without your knowledge, its pretty much impossible to track the changes with every new update.
Keeping in mind that these extensions had more than 30000 users, using affiliate ads to monetize them would have definitely earned the scammers more than $1000 dollar everyday. But its opposite to the ethics of affiliate sales. In order to serve affiliate ads, the owner of the website has to let all the viewers know about them.
But it is time everyone should take preventive measure to be safe from any similar extensions from the Google Chrome Store. Fortunately a new extension called Extshield can help you with identifying adware/malware extensions. Its an first of its kind extension which aims to identify any malicious extension that is installed in chrome. The extension makes use of a pre compiled blacklist to identify any malicious extension, which is not anything advanced but does it job well to identify malicious extensions. Since it is a newly developed extension, we can expect it to add many more features in the coming days.
Using the Extshield extension is very simple. Click this link to install it from the Chrome extension store. Once installed the extension would automatically provide you with a list of apps that are potentially malicious. Here’s how it looks:
You can also manually check for any malicious extension in chrome by clicking on the Extshield icon from the chrome extension bar. So until another extension comes out with more advanced feature to detect malicious extensions, Extshield is the way to go.