The Chrome Web Store is once again under scrutiny. This time, the reason is a number of dangerous browser extensions that managed to reach the official store despite Google’s stringent security checks. Surprisingly, these extensions were not found on any suspicious website but were available directly on the Chrome Web Store, putting more than 100,000 users at risk.
How dangerous extensions dodged Google’s security measures
According to researchers at cybersecurity company Symantec, these extensions were not limited to just showing annoying ads or slowing down browsing. They were accessing data copied to users’ clipboards, stealing sensitive information, and giving control of the browser to remote attackers. In some cases, these extensions could even run malicious code inside Chrome for long periods of time without the user’s knowledge.
Good Tab Extension
The most worrying example is the Good Tab extension, which at the time of writing was still available on the Chrome Web Store. This extension uses an insecure HTTP iframe, allowing user clipboard data to be directly accessed by a remote website. This means that passwords, personal notes, or even crypto wallet addresses can be stolen or changed. Users may suffer huge financial losses without any warning.
Other extensions that proved to be extremely dangerous
In addition to Good Tab, several other extensions have been identified. An extension named Child Protection, which has now been removed, was acting as a remote control tool for the attackers. It was capable of stealing cookies, hijacking logins, and running arbitrary JavaScript code.
Meanwhile, DPS Websafe presented itself as a reliable tool like Adblock Plus, but in reality, it manipulated search results, tracked browsing activity, and misled users through fake branding. The Stock Informer extension is also reportedly still available on the store and has a serious security flaw. Due to incorrect message verification, hackers can run malicious code from anywhere.
What should Chrome users do now:
If you’ve ever installed any of these extensions, the safest thing to do is to remove them immediately. Further, don’t assume that an extension is trustworthy just because it’s available in the Chrome Web Store.
How to keep your data safe:
Install only the extensions you really need. Always read the permissions asked for by any extension before adding it, and review your installed add-ons regularly. If an extension looks suspicious or is no longer in use, it’s best to remove it.
