Chrome has a massive copycat extensions problem

You have probably read about the fake Adblock Plus extension that 37000 Chrome users installed before it was removed by Google after it was reported to the company.

The verification system of the Chrome Web Store is automated which means that any extension that passes automatic validation will be published in the store. Google won’t do anything about it unless it is reported by users, developers, or security researchers.

There have been plenty of incidents in the past where Chrome extensions would be used to inject ads, hijacked, updated and then misused, or run crypto mining operations.

We talked about precautions that users should take before installing Chrome extensions in 2014, how to  verify extensions for Chrome, and about the Chrome fake application problem in 2015.

Nothing has changed on Google’s side of things. Chrome extension submissions are still vetted automatically only, and incidents like the recent fake Adblock Plus extension that found its way into the store highlight that the protection can be bypassed. The extension was listed for weeks in the store, and it was used apparently to display aggressive advertising campaigns.

chrome extensions issue

The fake extension hoped on the bandwagon of one of Chrome’s most popular extensions, the adblocker Adblock Plus. Adblock Plus has more than 10 million Chrome users according to the Chrome Web Store, and fake extensions that look as if they are the real deal may get a small piece of the pie when they make it into the web store.

Google removed the extension, but the problem is not going away if Google reacts after the fact only.

If you search for ublock right now in the Chrome Web Store for instance, you get a dozen or so extensions returned. While the official uBlock Origin is the first listed extension, you find extensions with names such as uBlock Adblock Plus, uBlock Adblocker Plus, uBlock for YouTube, or uBlock Ultimate Adblocker listed there as well.

Some of these have thousands of user ratings and millions of users. It is unclear if these extensions are fake, or simply hopping on the bandwagon of popular extensions by using similar names.

Raymond Hill, the developer of uBlock Origin, warned in June 2017 about these copies.

Beware: plenty of copies of top blockers popping up in Chrome store w/ (at best) absolutely NO added value. Avoid, stick to the genuine ones

Many of the extensions listed right now when you search for uBlock are copies of the original. They take the open source code of the extension, and create a new extension out of it that usually comes without any added functionality. The worst case is that invasive code is added that shows advertisement, tracks user movement on the Internet, or does other unwanted things.

Google announced yesterday that it is aware of the broader situation, and that it looks at ways to handle this better to ” improve our protection and keep users safe from malicious Chrome Extensions and Apps”.

More broadly, we wanted to acknowledge that we know the issue spans beyond this single app. We can’t go into details publicly about solutions we are currently considering (so as to not expose information that could be used by attackers to evade our abuse fighting methodologies), but we wanted to let the community know that we are working on it.

The company did not reveal how it plans to do that though, nor provided a timeline of when users can expect the new or improved system.

Microsoft vets any extension that is developed for the company’s Microsoft Edge browser before it is allowed in the Store. Mozilla does manual reviews of extensions as well, but will change the system for WebExtensions to do the reviews after they have been submitted to Mozilla AMO opposed to doing them before that.

Summary

Article Name

Chrome has a massive copycat extensions problem

Description

Google’s Chrome Web Store has a massive problem with copycat extension listings that hop on the bandwagon of popular extensions for the Chrome browser.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo

About Martin Brinkmann

Martin Brinkmann is a journalist from Germany who founded Ghacks Technology News Back in 2005. He is passionate about all things tech and knows the Internet and computers like the back of his hand.You can follow Martin on Facebook, Twitter or Google+

Powered by WPeMatico

eBay