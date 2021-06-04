



Google states that it scans for extensions that users have installed in their Chrome browser and warns users if they are adding extensions from new or untrusted developers.

The new extension scan feature is part of Google’s security feature called Enhanced Safe Browsing, which Google added to Chrome last May.

Enhanced Safe Browsing now provides additional protection when installing new extensions from the Chrome Web Store. If the extension you are trying to install is not in the list of extensions trusted by Extended Safe Browsing, a dialog will be displayed.

Google

According to Google, a trusted developer is one who adheres to the Chrome Web Store Developer Program Policy.

“It will take at least a few months to respect these terms before new developers can be trusted,” browser makers said in today’s blog post.

Currently, Google states that nearly 75% of all extensions hosted on the Chrome Web Store were developed by “trusted developers.” For the rest, if the user has enhanced safe browsing enabled on the Chrome settings page, the browser will display an alert similar to the following:

Image: Google

Google’s move to warn users when they install Chrome extensions came after years of abuse by malicious developers.

Such tactics, coupled with bot installations and fake positive reviews, can increase the visibility of malicious extensions on web store search results pages and further increase the number of users installing malicious clones. There is sex.

Chrome alerts can suppress this particular tactic, but they can hack and hijack legitimate developer accounts and threat actors who buy legitimate extensions from developers, and are malicious to previously clean extensions. It doesn’t work for threat actors who insert code with.

Even in these cases, Google continues to rely on the security community and home users to find and report such cases.

With Chrome reaching 2 billion users, the number of malicious Chrome extensions has increased in recent years. According to Google, the Safe Browsing feature increased 81% year-on-year in malicious extensions that were disabled in 2020.

