Techly NewsGet the app

Get the latest tech news

Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs


Even weirder: why would Google give so many the “Featured” stamp for trustworthiness?

Google is hosting dozens of extensions in its Chrome Web Store that perform suspicious actions on the more than 4 million devices that have installed it and that the developer has taken pains to carefully conceal. The extensions, which so far number at least 35, use the same code patterns, connect to some of the same servers, and require the same list of sensitive systems permissions, including the ability to interact with web traffic on all URLs visited, access cookies, manage browser tabs, and execute scripts. Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords.

Get the Android app

Or read this on ArsTechnica

Read more on:

Photo of Chrome

Chrome

Photo of Dozens

Dozens

Photo of installs

installs

Related news:

News photo

Governments identify dozens of Android apps bundled with spyware

News photo

Curl-impersonate: Special build of curl that can impersonate the major browsers

News photo

Chrome for Android is getting extensions, but not like you’d expect

« Engadget Podcast: Pixel 9a review and bracing for tariffs
These clip-on earbuds are unlike anything I've used before »