Google has removed more than 500 malicious extensions from the Chrome Web Store over the ad trap. The extension was found to be part of a larger fraudster’s ad network, which injected adware into browsers and pulled browsing data, implicating users in redirected cycles. In some cases, advertisements redirect users to websites related to big names like Dell and Best Buy, but most of them moved users to sites that risk downloading malware and phishing. The amount of redirects was also high, which increased the risk posed by these extensions manifold.
The discovery of these shady extensions was made public in a research conducted by independent security researcher Jamila Kaya (@bumblebreaches) and information security expert Jacob Rickard (@crxpert), and later published on the Cisco-owned duo. Once the malicious behavior of these extensions was reported to Google, the company made a sweep on the Chrome Web Store and removed more than 500 related extensions.
“We regularly sweep to find extensions using similar technologies, codes and practices and take those extensions down if they violate our policies,” a Google spokesperson quoted Duo as saying.
According to the report, the now-removed Chrome extensions were presented as products that could offer advertising services. But they were part of a larger network, which included copycat plugins. The research affects 70 of these extensions to nearly 1.7 million users, meaning that if the ad fraud involved more than 500 such extensions, the net scale was much larger.