Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Adware vendors buy Chrome Extensions to send ad- and malware-filled updates
ars technica website | Jan 17 2014, 3:10pm -0800 | Ron Amadeo

Posted on 01/20/2014 9:57:14 AM PST by Utilizer

...ownership of a Chrome extension can be transferred to another party, and the new owners can issue an ad-filled update over Chrome's update service, which sends the adware out to every user of that extension.


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: chrome; extensions; malware
In a nutshell, some extensions can compromise your system(s) via extension updates, so care needs to be taken when using them. Ars technica has more details but cannot be excerpted, however a search for the article will provide more details and this seems important enough to let any Chrome users know despite their restrictions.
1 posted on 01/20/2014 9:57:14 AM PST by Utilizer
[ Post Reply | Private Reply | View Replies]

To: Utilizer

Do Firefox/IE add-ons have the same vulnerabilities?


2 posted on 01/20/2014 9:59:50 AM PST by Dr. Sivana (“The only thing that can save us is if Kerry wins the Nobel prize and leaves us alone.”-Moshe Yaal)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Dr. Sivana

Not so far, from what I read at the ars technica site. Only Chrome. However, that may simply mean that none has yet been discovered on the other browsers so I thought this important enough to make others aware and begin checking their own extensions for possible similarities.


3 posted on 01/20/2014 10:02:36 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Utilizer

From the article:

Update: Google got back to us, and stated that Chrome’s extension policy is due to change in June 2014. The new policy will require extensions to serve a single purpose.


4 posted on 01/20/2014 10:07:24 AM PST by smoothsailing
[ Post Reply | Private Reply | To 1 | View Replies]

To: smoothsailing
The new policy will require extensions to serve a single purpose.

Yes, read that. However, that does nothing to solve the immediate problem nor does their statement mention that they will remove the offending extensions or even notify users of the problems.

5 posted on 01/20/2014 10:13:35 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 4 | View Replies]

To: PeteePie

Ping. Noticed you had a problem with Chrome recently...


6 posted on 01/20/2014 10:19:04 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer

Who uses Chrome, or allows extensions on their computer?


7 posted on 01/20/2014 10:56:10 AM PST by Dan(9698)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Utilizer

Thanks!!!!!!


8 posted on 01/20/2014 11:05:29 AM PST by PeteePie (Righteousness exalts a nation, but sin is a reproach to any people - Proverbs 14:34)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Utilizer

What you say makes sense and it’s clear they’re doing nothing between now and June.

I’m a bit of a novice at this sort of thing. I run Chrome on this PC I’m using now and also it’s pretty much built in to my Dell Venue 7” tablet.

I am relatively confident that my PC is OK, but I wonder about the tablet. I havn’t noticed anything particular but I also havn’t installed any security apps on the tablet either. I’ve only had it a few months. I’ve read pros and cons about the tablet apps and havn’t come to any conclusion.

Do you know anything about tablet security?


9 posted on 01/20/2014 11:07:37 AM PST by smoothsailing
[ Post Reply | Private Reply | To 5 | View Replies]

To: Dan(9698)

There are some, actually, and extensions (also called add-ons) are parts of many web browsers. Two I use quite extensively are the extensions AdBlocker and Ghostery and find them quite handy. I have also tried Chrome and did not think much of it, although it comes as a default browser on some Linux distros.


10 posted on 01/20/2014 11:08:03 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 7 | View Replies]

To: ShadowAce

Ping. You might find this interesting...


11 posted on 01/20/2014 11:09:45 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 1 | View Replies]

To: PeteePie

You are most welcome.


12 posted on 01/20/2014 11:10:38 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 8 | View Replies]

To: smoothsailing
Do you know anything about tablet security?

Not enough to even offer advice, I am afraid. Most of the work I do is on desktop computers and usually involves updates and resolving crash issues, generally to the re-install level if necessary to get rid of malware.

13 posted on 01/20/2014 11:13:53 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 9 | View Replies]

To: rdb3; Calvinist_Dark_Lord; Salo; JosephW; Only1choice____Freedom; amigatec; Still Thinking; ...

14 posted on 01/20/2014 11:14:17 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Utilizer

So they buy a legitimate app or extension and spread their disease that way?


15 posted on 01/20/2014 11:18:10 AM PST by GeronL (Extra Large Cheesy Over-Stuffed Hobbit)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Dan(9698)

Chrome has its own OS and Android is theirs too I think. They have a lot more games/apps apparently than Linux.

Not that it matters to me.


16 posted on 01/20/2014 11:19:53 AM PST by GeronL (Extra Large Cheesy Over-Stuffed Hobbit)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Utilizer

Chromium is a stripped down version of Chrome I think


17 posted on 01/20/2014 11:20:49 AM PST by GeronL (Extra Large Cheesy Over-Stuffed Hobbit)
[ Post Reply | Private Reply | To 10 | View Replies]

To: GeronL
So they buy a legitimate app or extension and spread their disease that way?

According to the ars technica article, yes some people have done so through the Chrome extensions and people were not aware that this was happening or that the extensions were the reason why problems were appearing.

18 posted on 01/20/2014 11:25:42 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Utilizer

Those extensions have now been pulled. http://news.cnet.com/8301-1023_3-57617467-93/google-discards-extensions-that-force-feed-users-ads-in-chrome/


19 posted on 01/20/2014 11:25:46 AM PST by ConstantSkeptic (Be careful about preconceptions)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ConstantSkeptic

Thanks for the link! That was very informative, and identified at least two of the extensions that were causing problems. Users need to be aware of the dangers still, so the more people are informed about this the better, and also be aware that this could be a potential problem in the future as well.


20 posted on 01/20/2014 11:30:22 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 19 | View Replies]

To: Utilizer

And this, my friends, is why I tell everyone “NOT” to download “Chrome”.

It doesn’t affect download speeds in any way that a user would notice and if they do notice they have never the less down loaded “Corporate Malware”.

I

C

U


21 posted on 01/20/2014 11:37:29 AM PST by Vendome (Don't take life so seriously-you won't live through it anyway-Enjoy Yourself ala Louis Prima)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Vendome

I disagree, but I don’t have 100 extensions like many others either. I did use Firefox but that memory hole that used up CPU’s never got fixed and Chrome is much faster since I started using it last year.


22 posted on 01/20/2014 11:52:41 AM PST by packrat35 (Pelosi is only on loan to the world from Satan. Hopefully he will soon want his baby killer back)
[ Post Reply | Private Reply | To 21 | View Replies]

To: Utilizer

Chrome sucks because you cannot turn off the automatic updates.


23 posted on 01/20/2014 11:56:19 AM PST by a fool in paradise ("Health care is too important to be left to the government.")
[ Post Reply | Private Reply | To 1 | View Replies]

To: Dan(9698)

I use Chrome (as well as IE). I’m a web developer.

With Chrome I use 3 extensions, AdBlock (it would be ironic if they sell to an adware group), Web Developer, and ColorZilla (for picking color ids).


24 posted on 01/20/2014 11:56:22 AM PST by bahits
[ Post Reply | Private Reply | To 7 | View Replies]

To: packrat35

Is it demosntrably faster than using a regular brower would be the question and I would argue “Not to the human experience”.

M2M, yeah.


25 posted on 01/20/2014 12:11:20 PM PST by Vendome (Don't take life so seriously-you won't live through it anyway-Enjoy Yourself ala Louis Prima)
[ Post Reply | Private Reply | To 22 | View Replies]

To: Utilizer

Thanks for your reply. I’ll keep on reading up on tablet security.


26 posted on 01/20/2014 12:17:17 PM PST by smoothsailing
[ Post Reply | Private Reply | To 13 | View Replies]

To: Vendome

The dam thing is couched with the repeated Flash updates, so a user needs to slow down on this install, otherwise Chrome gets quietly installed.


27 posted on 01/20/2014 2:06:34 PM PST by SgtHooper (If at first you don't succeed, skydiving is not for you.)
[ Post Reply | Private Reply | To 21 | View Replies]

To: Vendome

Since firefox was nuking my whole computer and dragging everything down to a crawl, I’d say yeah it is much faster. The browser may not be so much faster but my computer certainly is now.


28 posted on 01/20/2014 2:40:02 PM PST by packrat35 (Pelosi is only on loan to the world from Satan. Hopefully he will soon want his baby killer back)
[ Post Reply | Private Reply | To 25 | View Replies]

To: packrat35

Oh your computer is faster now.

No problem.

Seen that a lot.

What anti virus were you running when you made. the change and then noticed?

I have found AVG to compete horribly with web browsers and certain extensions.


29 posted on 01/20/2014 8:27:07 PM PST by Vendome (Don't take life so seriously-you won't live through it anyway-Enjoy Yourself ala Louis Prima)
[ Post Reply | Private Reply | To 28 | View Replies]

To: Vendome

The problem was not anti virus but Firefox using 80% of my CPU


30 posted on 01/20/2014 10:36:43 PM PST by packrat35 (Pelosi is only on loan to the world from Satan. Hopefully he will soon want his baby killer back)
[ Post Reply | Private Reply | To 29 | View Replies]

To: Dr. Sivana; Utilizer

Actually, Firefox may be at risk. Extensions, by their very nature, use Chrome as an executable mechanism. If you ever go to configure one of your extension in Firefox, for instance, you may notice the URL line starts with chrome:\\

Better safe than sorry.


31 posted on 01/21/2014 4:45:05 AM PST by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 2 | View Replies]

To: rarestia

Thanks for the tip. I use AdBlocker and Ghostery primarily, with only an occasional video downloader extension on FireFox but I should probably take a closer look at the last one and of course any newer ones to make certain this problem does no crop up in the future.


32 posted on 01/21/2014 9:50:21 AM PST by Utilizer (Bacon A'kbar! - In world today are only peaceful people, and the mooslimbs trying to kill them-)
[ Post Reply | Private Reply | To 31 | View Replies]

To: smoothsailing; Dr. Sivana

Being primarily a Firefox user, I am aware of several extensions, add-ons that were found to infect your computer with adware, malware. It’s not neccesssarily a Chromr issue.


33 posted on 01/21/2014 11:58:11 AM PST by lbryce (Obama:The Worst is Yet To Come)
[ Post Reply | Private Reply | To 4 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson