Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs
1 min read
Summary
Google has been hosting suspicious extensions in its Chrome Web Store that have been downloaded by more than 4 million devices.
Researcher John Tuckner, who discovered the extensions, said they all shared the same code, connected to the same servers, and required a list of sensitive system permissions.
These included managing browser tabs and interacting with web traffic on all URLs visited.
Tuckner said these permissions could allow the extensions to carry out abusive activities, and that they should only be granted to trusted extensions that cannot perform core functions without them.
So far, at least 35 of these extensions have been identified on the Chrome Web Store, although the search engine has not commented on the findings.
