Google Removes Chrome Extensions From Web Store Citing Hidden Malware As Reason

  on January 20 2014 12:20 PM

Two extensions recently disappeared from the Google Chrome Web Store in a move that shows Google will not put up with malware-peddling browser extensions. “Tweet this Page” and “Add to Feedly” were removed by Google as they violated Google’s terms of service regarding advertising.News hit the internet last week that “investors” have been approaching Chrome extension developers asking to purchase their programs, intending to secretly add malware after the purchase has completed, and now Google is cracking down.

Google updated its policies in December to prevent developers from including additional code in their extensions, stating that extensions should be “simple and single-purpose in nature.” Both now-removed extensions, with less than 100,000 subscribers each, originally didn’t violate these terms. However, Amit Agrawal, the developer of “Add to Feedly,” admitted on his blog this weekend that he sold his Feedly-friendly extension to a woman for a “four-figure offer for something that had taken an hour to create.” He states that he googled the woman’s name but got no results.

That’s where the unknown buyer’s plan took effect. She, or someone who works for her, amended the code to include a bit of adware, malware that solicits advertising to extension users. The reason why this is so reprehensible is because Chrome extensions automatically update. Users were not made aware that they were now targets instead of customers. This, of course, violates the single-purpose concept put forth by Google.

The adware in question isn’t particularly intrusive. “These aren’t regular banner ads that you see on Web pages; these are invisible ads that work [in] the background and replace links on every website that you visit into affiliate links,” Agrawal says on his blog, describing how simple the designed adware is. “If the extension is activated in Chrome, it will inject adware into all Web pages.”

Other developers have reported that they have been approached as well. Honey Science Corporation, makers for the extension “Honey,” an extension that silently browses for active coupon codes, spoke out about the problem Saturday on Reddit: “Over the past year we’ve been approached by malware companies that have tried to buy the extension, data collection companies that have tried to buy user data, and adware companies that have tried to partner with us. We turned them all down.” Unlike “Tweet this Page” and “Add to Feedly,” the coupon-finding extension has a fairly large subscriber base of over 700,000 users.

While background adware may seem like a small issue, this problem has an unsettling tone reminiscent of the NSA’s pervasive spying. Developers like those at Honey Science Corporation may hold out for a while against unknown investors, but not every company will have that kind of conviction, and many will sell. If this trend of nefarious investors continues, transparency in business may become the hottest online topic of 2014. 

Join the Discussion