The extensions are designed to inject ads into certain websites

Feb 4, 2014 10:35 GMT

Google has recently removed two ad-injecting Chrome extensions from the Chrome Web Store, but experts warn that there were at least 12 others that should have been taken down.

Security researchers from Barracuda Labs have been monitoring rogue Chrome extensions since October 2012. A new spam campaign they’ve been observing over the past few weeks involves a total of 12 Chrome extensions designed to inject ads on 44 popular sites.

Worryingly, over 180,000 users have installed the extensions disguised as Logo Quiz, Counter Strike Portable, Pac Man, Snail Bob 2, Angry Halloween, Pong, Smart Soccer and other popular games.

The 12 rogue applications had been on the Chrome Web Store until at least January 30, 2014.

These pieces of software request permission to access website data, tabs and browsing activity. This way, when the victim visits a certain site, ads are injected. Each time the ads are displayed or clicked, the developer of the rogue Chrome extensions makes a certain amount of money.
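As an added illustration (not code from Barracuda Labs or the original article), the Python script below audits an extension's manifest.json for the kind of access described above: host patterns covering every site, tab and browsing-activity APIs, and content scripts matched against all pages. Both manifests are constructed samples, and the permission sets checked are a chosen subset rather than an exhaustive list.

```python
import json

# Match patterns that grant access to every site (Chrome match-pattern syntax).
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# API permissions that expose tabs and browsing activity (assumed subset).
BROWSING_APIS = {"tabs", "history", "webNavigation", "webRequest"}

def audit_manifest(manifest_text):
    """Return a list of findings for one extension's manifest.json."""
    m = json.loads(manifest_text)
    # Manifest V2 mixes host patterns into "permissions"; V3 uses "host_permissions".
    # Some permission entries are objects, so keep only the string entries.
    declared = [p for p in m.get("permissions", []) + m.get("host_permissions", [])
                if isinstance(p, str)]
    findings = []
    broad = sorted(set(declared) & BROAD_HOSTS)
    if broad:
        findings.append("can read and change data on all websites: " + ", ".join(broad))
    apis = sorted(set(declared) & BROWSING_APIS)
    if apis:
        findings.append("can observe tabs or browsing activity: " + ", ".join(apis))
    # Content scripts run inside matching pages, which is where injection happens.
    for cs in m.get("content_scripts", []):
        hits = sorted(set(cs.get("matches", [])) & BROAD_HOSTS)
        if hits:
            findings.append("injects %s into every page matching %s"
                            % (", ".join(cs.get("js", [])) or "(no scripts)",
                               ", ".join(hits)))
    return findings

# Constructed sample: a "game" that asks for far more than a game needs.
SUSPICIOUS = json.dumps({
    "manifest_version": 2, "name": "Example Arcade Game", "version": "1.0",
    "permissions": ["tabs", "http://*/*", "https://*/*"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["inject.js"]}],
})
# Constructed sample: a game that needs only local storage.
BENIGN = json.dumps({
    "manifest_version": 2, "name": "Example Puzzle", "version": "1.0",
    "permissions": ["storage"],
})

if __name__ == "__main__":
    for label, text in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, audit_manifest(text) or "no broad access requested")
```

An empty result only means none of these broad grants were requested; it says nothing about what the extension does with narrower permissions.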

Experts believe that the same group that developed ad-injecting extensions disguised as the Angry Birds game back in 2012 is responsible for this campaign. However, at the time, they operated under the name playook.info, while now they’re called konplayer.com.

It’s not easy for Google to keep track of all the rogue extensions. Until the search engine giant comes up with a better solution for protecting users against spammy applications, users are advised to be careful.

“As we always advised, Chrome users should be very careful if you intend to install Chrome extensions — even if it is from the Google Chrome web store. Use some common sense to judge whether you need to grant permissions to any extensions. If any of the permissions seem beyond the fence of what it should do, do not install it,” Barracuda Labs experts recommend.

If you’re interested in the technical details of these ad-injecting Chrome extensions, check out Barracuda’s blog.