Adware Vendors Buying Chrome Extensions, Injecting Ads

An anonymous reader writes "Ars reports that the developers of moderately popular Chrome extensions are being contacted and offered thousands of dollars to sell ownership of those extensions. The buyers are then adding adware and malware to the extensions and letting the auto-update roll it out to end users. The article says, 'When Tweet This Page started spewing ads and malware into my browser, the only initial sign was that ads on the Internet had suddenly become much more intrusive, and many auto-played sound. The extension only started injecting ads a few days after it was installed in an attempt to make it more difficult to detect. After a while, Google search became useless, because every link would redirect to some other webpage. My initial thought was to take an inventory of every program I had installed recently—I never suspected an update would bring in malware. I ran a ton of malware/virus scanners, and they all found nothing. I was only clued into the fact that Chrome was the culprit because the same thing started happening on my Chromebook—if I didn't notice that, the next step would have probably been a full wipe of my computer.'"

And That, Ladies and Gentlemen ...

[Anonymous Coward]

And that, ladies and gentlemen, is how the free market works.

The reputation of these plugins is worth money. The down side is that once the malware infected extensions are reported to Google, Google will kill them off in the browsers. They wont live long enough to make their money back. The adsheisters will quickly see their reputation vanish and their install base dwindle.

Great

[asmkm22]

What makes this really bad is that it's difficult to permanently remove Chrome extensions sometimes. If I delete it, it will just show back up in a few minutes, probably because it's saved somewhere in my central account. Now with this out there...

Malware development gigs on Guru.com

[IgnorantMotherFucker]

I've seen contract gigs like the following, more than once, on boards such as Guru.com. One specific contract offer wanted code that would reset the, uh, "users" homepage to a URL to be specified by the client, then make it impossible for the "user" to set any other homepage. That's it. Perhaps I'm in the wrong business. It's a lot harder than I thought to get a job as an iOS developer, but I am really good with assembly code, debugging and reverse engineering. Perhaps I should write malware for the Russian Mob.

Now the "alternative" is becoming the culprit

[acidradio]

Many people have defected from IE due to its problems with malware and adware. Firefox, but more so Chrome seemed to be safe. So now that the awesome, "safe alternative" browser is compromised, what's next? I can't imagine there an easy fix to this. Is it time to go to yet another browser?

This is almost like how pharmaceutical scientists keep having to modify and discover new antibiotics. The current batch of drugs eventually becomes less and less effective and the bacteria become resistant, prompting us to constantly evolve the offerings.

Comment removed

[account_deleted]

Comment removed based on user account deletion