Not good at all!
Sources: Ars Technica / OMG! Chrome!
Adware vendors buy Chrome Extensions to send ad- and malware-filled updates
One of the coolest things about Chrome is the silent, automatic updates that always ensure that users are always running the latest version. While Chrome itself is updated automatically by Google, that update process also includes Chrome's extensions, which are updated by the extension owners. This means that it's up to the user to decide if the owner of an extension is trustworthy or not, since you are basically giving them permission to push new code out to your browser whenever they feel like it.
To make matters worse, ownership of a Chrome extension can be transferred to another party, and users are never informed when an ownership change happens. Malware and adware vendors have caught wind of this and have started showing up at the doors of extension authors, looking to buy their extensions. Once the deal is done and the ownership of the extension is transferred, the new owners can issue an ad-filled update over Chrome's update service, which sends the adware out to every user of that extension.Some of the affected extensions include: Window Resizer, HoverZoom, Add to Feedly.Popular Chrome Extensions Are Being Bought By Malware Makers
The developer of the ‘Add to Feedly’ extension, Amit Agarwal, says that he was approached out of the blue by a (mysterious, un-Googleable) individual wanting to buy his add-on.
Such an offer would tempt most of us. But in pocketing the money, and transferring ownership of his work to another party, Amit also sold the trust of the 30,000+ users with it installed.“It was a 4-figure offer for something that had taken an hour to create and I agreed to the deal,” explains Amit on his blog.
He wasn’t to know but, a few short months after completing the deal, the new add-on owners issued their first, and only, update. One that added an unwelcome feature: adware.
Chrome extensions are updated silently in the background, so the majority of users would have been unaware that the spammy links, pop-up ads, and intrusive affiliate code embeds, suddenly affecting each and every site they visited were the fault of their dependable Feedly add-on.
Those that were able to narrow it down soon took to the Chrome Web Store to vent their disappoint, which is how Amit first became aware of the issue.
In a galling twist, a switch to turn “off” advertisements was included with the update but, according to user reports, is nothing more than a dummy. Whether on or off, unwanted adverts continue to show up.
There are currently 1 users browsing this thread. (0 members and 1 guests)