Beware: Ad-injecting Chrome Extensions Could Be Malware- Google Inc (GOOG)

Google Inc (NASDAQ:GOOGL) (NASDAQ:GOOG) is making efforts to clamp down on the ad-injecting extensions for its Chrome browser, after the company identified about 200 of them that made a lot of users vulnerable to suspicious internet activity and virulent softwares. Such extensions operate by indirectly adding fraudulent ads into webpages opened by internet consumers and, thus, violate internet usage policy.

Ad-injecting a major issue

According to a study conducted by Google Inc (NASDAQ:GOOGL) (NASDAQ:GOOG) along with researchers from the University of California at Berkeley, more than a third of ad-injecting add-ons were found to be malware. The extensions of the Chrome Web Store, generally, do not get banned for infusing ads into the webpages, so long they acknowledge the users of their activity. Though, the recent study found that most of the add-ons that possess such functions are, indeed, malware. The research led to the identification of about 192 such Chrome extensions, which were removed by Google afterwards.

Moreover, the results obtained suggested that the number of users most likely install at least one ad-inject by visiting Google website exceeds 5%. Further, the study also discovered the prevalence of ad injectors for other browsers, for instance, Internet Explorer on both Windows and the iOS operating systems.

Google buckles up against PUPs

The major issue is that most of the ad-injecting, done to advertise fraud, is not carried out by extensions. Instead, there exists certain software applications that can inject ads outside of the browser, mainly at the network layer or by trapping the browser process without even installing any extensions. Some of these applications are malware, while some are termed as ‘Potentially-unwanted programs’ or PUPs.

Superfish case was one of the incidents in which an adware (PUP) was found to be pre-installed with some Lenovo PC. The malicious software, along with injecting ads, seized encrypted Web sessions making users susceptible to cyber man-in-the-middle attacks capable of circumventing all HTTPS protections.

Recently, Google Inc (NASDAQ:GOOGL) (NASDAQ:GOOG) has sought to check PUPs by introducing functions that warn users against any attempt of downloading harmful software. Such an effort, though worth appreciating, would only inhibit a small fraction of PUP installations, as most of these applications are packaged and downloaded along with other freeware software.