Google Chrome to warn against malicious extension downloads - gHacks Tech News

Google Chrome to warn against malicious extension downloads

Google has added several safeguards to the Chrome web browser in recent time to increase the security of the browser in regards to the installation of browser extensions. The developers blocked the option to install Chrome extensions from third party websites last year. This prevents installations by the user but also by automatic means from third party websites, and while there is a way around that, it is a manual way so that it cannot be exploited.

Recently, it introduced a feature to the stable version of Chrome that blocks the silent installation of extensions in the browser. This blocks automatic installations of add-ons by third party software such as security applications or other programs that are running on the system.

Today, Google announced another change in regards to the security of extensions. It is still possible to download extensions from third party websites so that you can install the extension in the browser by dragging and dropping it into the extensions manager of the browser.

Chrome from this week on will scan extensions that are downloaded to the local system to warn users if they are potentially malicious.

chrome download warning

The only explanation that Google provides is that it fill flag binaries as malware if they violate Chrome's standard mechanism for deploying extensions. According to Google, standard deployment mechanisms are through the Chrome Web Store, using inline installations (which reference the Chrome Web Store but run the installer on the site they are triggered on), and through third party software

Google notes that malware in the past tried to get around the new silent installation protection of extensions by misusing Chrome's central management settings which are designed to deploy Chrome in organizations and usually on multi-computer networks.

In doing so, the installed extensions are enabled by default and cannot be uninstalled or disabled by the user from within Chrome. Other variants include binaries that directly manipulate Chrome preferences in order to silently install and enable extensions bundled with these binaries. Our recent measures expand our capabilities to detect and block these types of malware.

Additional security mechanism are always welcome and if the warnings pop only up for malicious extensions and not for all extensions that are hosted on third party websites.





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. ilev said on April 18, 2013 at 1:01 am
      Reply

      Blocking doesn’t seem to work.

      Just updated Java 7u21 yesterday and let (by mistake) ASK toolbar to be installed.
      Uninstalled the toolbar using Portable IObit Uninstaller. Got a pop-up message from
      Chrome’s Extensions Update Notifier that ASK toolbar has been installed , would I like to disable ASK.
      Had to remove ASK manually.

      Chrome Version 27.0.1453.56 beta-m

      1. Martin Brinkmann said on April 18, 2013 at 1:09 am
        Reply

        They said they introduce the feature this week, so it may not be active yet in your version. Also, I’m not sure if they will identify Java as malicious in this scenario.

        1. ilev said on April 18, 2013 at 4:06 am
          Reply

          It was not Java but ASK toolbar extension that was installed :-)

    Leave a Reply