Is your favorite Google extension no longer working? This might be the reason behind it.
Recently Google has removed more than 500 Chrome extensions because of malware concerns. The extensions were taking users to sites with malware and ad content without users knowing about it.
According to Duo's security team:
"Browser extensions have been known as a weak point for individual security and privacy due to their potential for misuse under the general guise of helpful applications. In the case reported here, the Chrome extension creators had specifically made extensions that obfuscated the underlying advertising functionality from users. This was done in order to connect the browser clients to a command and control architecture, exfiltrate private browsing data without the users knowledge, expose the user to risk of exploit through advertising streams, and attempt to evade the Chrome Web Store’s fraud detection mechanisms."
Users were being redirected to ads so the extension's developers could profit from the traffic. Upon being asked, users said that they weren't aware of this and it didn't make a difference while browsing.
Duo has said that about 2 million users have downloaded such extensions but it it can't be said for sure how many users are affected by the removal of those extensions.
This isn't the first time this fraud has occurred. According to a report by ZDNet, ads are put into browsing sessions but aren't detectable because of the tricks developers use to hide it. Also, in 2018, it was found out that Chrome extensions were used to get login information, mine crypto-currencies and were even involved in click fraud.
So, the next time you download an extension it is worth checking if it's from a known source.
You can no longer see the extensions in Google's web store and Google has also deactivated them from browsers while labelling them as 'malicious' so that people don't add them again.