Google Chrome to warn when installed extensions are malware


Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web Store, usually indicative of it being malware.

An unending supply of unwanted browser extensions is published on the Chrome Web Store and promoted through popup and redirect ads.

These extensions are made by scam companies and threat actors who use them to inject advertisements, track your search history, redirect you to affiliate pages, or in more severe cases, steal your Gmail emails and Facebook accounts.

The problem is that these extensions are churned out quickly, with the developers releasing new ones just as Google removes old ones from the Chrome Web Store.

Unfortunately, if you installed one of these extensions, they will still be installed in your browser, even after Google detects them as malware and removes them from the store.

Due to this, Google is now bringing its Safety Check feature to browser extensions, warning Chrome users when an extension has been detected as malware or removed from the store and that they should be uninstalled from the browser.

This feature will go live in Chrome 117, but you can now test it in Chrome 116 by enabling the browser’s experimental ‘Extensions Module in Safety Check’ feature.

To enable the feature, simply copy the Chrome URL, ‘chrome://flags/#safety-check-extensions’, into the address bar and press enter. You will be brought to the Chrome Flags page with the ‘Extensions Module in Safety Check’ feature highlighted. 

Now set it to enabled and restart the browser when prompted to enable the feature.

Google Chrome Safety Check for extensions

Once enabled, a new option will appear under the ‘Privacy and security’ settings page that prompts you to review any extensions removed from the Chrome Web Store, as shown below.

Safety check for Chrome extensions
Safety check for Chrome extensions
Source: Google

Clicking this link will bring you to your extension page, listing the removed extensions and why they were removed and prompting you to uninstall them.

Potentially malicious extensions removed from Chrome Web Store
Potentially malicious extensions removed from Chrome Web Store
Source: Google

Google says that extensions can be removed from the Chrome Web Store because they were unpublished by the developer, violated policies, or were detected as malware.

For extensions detected as malware, it is strongly advised that you remove them immediately to not only protect your data but also to prevent your computer from facing future attacks.

For those that are removed for other reasons, it is advised that you remove them as well, as they are no longer supported or break other policies that are not strictly malware but are not necessarily helpful.

Google has a dedicated Chrome Web Store policies page detailing what content or behavior could lead to an extension being removed from the store.



Source link