For the third consecutive year, Hill Tech Solutions has been named one of the world's premier managed services providers on the prestigious Channel Futures NextGen 101 list!

Need IT Support?
WE CAN HELP!

Dangerous Chrome Extensions

Share This Post

One of the main selling points for Google’s Chrome browser is the ability to customize it to perform different tasks according to your individual needs. Need a handy PDF maker or file converter, want to match a color from a website, or just turn that New Tab into a convenient notepad? There’s an Chrome extension for that, as well as a wide selection to integrate other products you’re already using, like MS Office or Evernote. Customizing Chrome is as easy as adding apps to your phone.

As with all conveniences, though, there’s a dark side and some bad actors. Google just removed 106 extensions from its web store after discovering they were illegally collecting user data. According to Google, this was part of a “massive global surveillance campaign” specifically aimed at industries including healthcare, finance and petroleum. How massive? 33 million downloads of these extensions alone.

Besides loading malware, these add-ons were taking screenshots of victims’ devices, reading the clipboard and harvesting user input. Worse still, they were able to game Google’s system to appear legitimate by faking thousands of good reviews in the Google Play store. This on the heels of another 500 extensions removed by the Big G in February of this year for serving up adware, among other sins.

So if malware can be made to look legitimate, how can you tell a good extension from a bad one? Look for extensions with a track record over time, and look for “best of” roundups on sites outside the Google Play store. Neither is foolproof, but it’s a start.

It’s also a good idea to look at any extensions you’re already installed and get rid of those you don’t use regularly. In your Chrome browser’s address bar, type chrome://extensions to see a list, and uninstall any you’re not using.

Questions about cybersecurity or other business IT issues? Contact Hill Tech Solutions.

More To Explore

Hill Tech's Technology Insights

Manufacturing and CMMC 2.0

Hill Tech Solutions’ Principal Consultant, Ron Hill, CISSP spoke at the RAMP (Regional Additive Manufacturers Partners) MD symposium in Harford County, MD, about the coming

Hill Tech's Technology Insights

Time to Say Goodbye to P@$$w0rds Like This?

Just in time for National Cybersecurity Awareness Month, the National Institute of Standards and Technology (NIST) has updated its password security guidelines in a way