facebook rss twitter

Adware companies buying up Chrome extensions to inject ads

by Mark Tyson on 20 January 2014, 13:15

Tags: Chrome

Quick Link: HEXUS.net/qab7sn

Add to My Vault: x

Two Google Chrome browser extensions have been removed from its web store as they had reportedly been bought up by advertisers intending to inject adware. These dastardly companies silently updated the previously benign software to include code that bombarded users with spam ads.

The two extensions involved, 'Add to Feedly' and 'Tweet This Page,' each had less than 100,000 users, but these users started to experience unwanted ads and complain about this upon support forums, according to the Wall Street Journal. Both extensions included code which was unacceptable to Google's terms as it would serve up undesirable (rival) ads, which resulted in users giving one-star ratings and calling the extensions spam sources.

The Chrome Web Store

Bite the hand that Feedly

The developer of 'Add to Feedly', Amit Agarwal, admitted that he sold his extension to an unknown buyer whose name returned no results on Google. "It was a 4-figure offer for something that had taken an hour to create and I agreed to the deal. I had no clue about the buyer and was also curious to know - why would anyone pay this kind of money for such a simple Chrome extension," explained Agarwal in a blog post.

The business model of the buyer was simple, explains Agarwal, "They buy popular add-ons, inject affiliate links and the bulk of users would never notice this since the Chrome browser automatically updates add-ons in the background. And there are no change-logs either."

Add to Feedly

Isolated incident?

The issue doesn’t seem like it is just limited to the two add-ons mentioned above. Further investigation suggests that advertisers regularly buy popular extensions and transform them into adware. More and more developers are being approached about selling their add-ons. The creators of the popular Chrome extension Honey, for example, said they were also approached by malware companies in the past and learned that a six figure sum could be made in profits every month should they join the dark side…

Google is obviously not going to let this adware infestation happen without doing anything, as it cited a December change to its policies. This will outlaw various complex changes to websites by extensions and developers will not be allowed to place ads on more than one part of the page. However this change isn't due to be enforced until June and then we have the practicality issues of monitoring and enforcement.

HEXUS Forums :: 7 Comments

Login with Forum Account

Don't have an account? Register today!
FVD has the same and was taken off the store
Don't Google review the addons in a similar fashion as FF ?
Don't Google review the addons in a similar fashion as FF ?
Google cares nothing for the user.
Don't Google review the addons in a similar fashion as FF ?

as above google dont care cos if they did they would not be like yahoo,microsoft,ect by selling your info
Would be amusing if they bough adblock+ and turned it into a mega spammer, never going to happen.

I will say I am staying with firefox for reasons like this, chrome does seem to be more a data logger than browser, yes you can turn much of it off, but the fact its all on by default is wrong.