For some time now, Google has been trying to limit the security issues related to the numerous applications that get installed on Google Chrome along with the installation of various unverified extensions.
It is mandatory for apps and extensions that get installed on Chrome to be in the Chrome Web Store. This is how Google monitors the entire process and keeps away malicious applications. The user can still download them from any web location he prefers but if they are not in the store, they simply won’t work.
Yet Another Malicious Extension in the Web Store
Despite this policy, things still don’t go as smoothly as they should. Malicious apps still make their way into the Web Store. The most recent example originates in Facebook, where a click-bait post tries to get the user’s attention to a video about drunk girls. As soon as the user clicks on the link, he gets redirected to a webpage that looks exactly like YouTube. The problem is that the video there doesn’t actually work.
In order to be able to view the video, the user is asked to install a Chrome extension, which the user wouldn’t actually need if he had landed on the real YouTube site.
Clicking on the pop-up notification takes the use to the Chrome Web Store, where he is offered to download the malicious extension. As soon as the installation is finished, the user is redirected to the real YouTube page where he can watch the video.
Once the extension is active, it starts generating Facebook posts and comments from the victim’s profile. It also sends links via the Facebook chat, which is actually how the extension gets spread.
Malicious Apps Get Downloaded All the Time
Security experts from TrendMicro report that the creators of the extension have employed a virtual private server in Russia where several domains are registered. The dangerous websites were mainly visited from people in Brazil, UK, the United States and Argentina.
This is far not the first time a malicious extension makes it past Google’s security. Most of them that seem to be malicious have only been in the Store shortly. Unfortunately, they are getting thousands of downloads.
If Google really wants to assure Chrome’s safety and decline the option of installing any third party extensions, Google has to enhance the security at least and put everything to the test.
