Google has recently intervened removing from its web store about 500 extensions for the Chrome browser which have proven to be malicious in nature. This result came after a two-month internal investigation work.
These Chrome browser extensions operated maliciously by injecting malicious advertisements during user browsing sessions and. This code was activated under specific conditions of use, redirecting users to specific sites.
Not everything seemed unfounded in the eyes of the users : in some cases the destination sites were perfectly lawful, however introducing an affiliate code that enriched the creator of the Chrome extension. In other cases, however, the landing page led to the download of malware or to a page specially developed to undertake a phishing activity.
It is not clear how many users have downloaded and used , over time, the over 500 extensions of the Chrome browser removed by Google as infected. Easy to estimate that the order of magnitude is that of millions of users .
By intervening on the extensions, Google has banned them from the store and automatically deactivated them within each browser that installed them . Not only that: the extension has been marked as malicious, further indication for users that something was wrong.