Monday, 27 March 2017
Internet Security

Chrome Extensions are being exploited, Google coming with a Fix

Google Chrome is one of the most loved and used browsers. Its popularity is unmatched considering the fact that it’s a third party browser.

The browser is so popular that Google has developed an OS around the Chrome browser called the Chrome OS- which is basically a light OS for browsing purposes.

One of the major factors for Chrome’s success is the availability of an array of extensions which make your browsing experience sweeter.

But sadly it is being exploited, but don’t worry Google is getting on top of the situation.

How you may be exploited via a Chrome Extension

Google Chrome had a feature called “inline install”. It allowed users to install extensions directly from the developers website without visiting Web Store.

This “inline install” is being abused by attackers. Basically, you will be shown advertisements of some Chrome Extension which you might end up installing. These extensions are basically useless or may just be a malware.

Currently, Google is working to stop this practice. They will block the ability to install extensions without the Web Store. This way Google can monitor for malware and fake extensions.

But they will not take out the handy “inline install” altogether. Google is working to create a method that will enable them to detect when an advertisement is trying to install a Chrome Extension.

Then Google will disable inline install and force it come to the Chrome Web Store first and provide extra information.

Hence, if you a good developer, no worries, everything is as it used to be. Whereas bad people (blackhat), you have another thing coming for you. So be prepared as the change takes place starting September 3.