Hoverzoom's Malware controversy and Imagus alternative
Hoverzoom became a highly popular browser extension right after its creation. It displayed larger versions of images that you hovered over with the mouse cursor, so that you did not have to visit the linked websites to do so. As you can imagine, this saves a lot of time on sites such as Reddit or Imgur, where images get posted like crazy.
Back in March 2013 we noticed that Hoverzoom was running a script in the background that the company claimed was used to "detect unused domain names and submit the results back to the owners".
Some days ago, things got a lot crazier. A thread on Reddit claimed that Hoverzoom turned malware, as it was seemingly injecting "malware scripts" into every page visited in the Chrome browser.
The author of Hoverzoom responded to that claim on the official website where he stated the following:
This script is not malware.
Your personal data was not collected.
There is no need to change your passwords.
You can read the full response on the website. In regards to what is being collected he states, that form data is collected anonymously for marketing research purposes only.
A detailed analysis of the extension provided the following information:
- Hoverzoom injects code unto some or all of the web pages you visit while the extension is running.
- Hoverzoom modifies "certain Amazon links" on all websites you visit, adding its own affiliate ID.
- The extension sends the browsing habits that it collects to a third party website (webovernet.com and jsl.blankbase.com)
- It sends domain misspellings to another third party website (advisormedia.cz).
- All monetization schemes are active by default.
- On December 17, version 4.27 was released which submits what you type into web forms to a third party website (qp.rhlp.co)
- On December 18, version 4.28 was released that removed the script again that was added on December 17.
Hoverzoom at the time of writing has been removed from the Google Chrome Web Store. According to information on the site, it was removed by the author and not by Google.
Alternative to Hoverzoom
If you used Hoverzoom until now, or want to use it but cannot because it has been removed from store, you may be interested in alternatives. One Hoverzoom alternative is Imagus.
The free extension for Google Chrome works identical in many regards. Once enabled, hover the mouse cursor over an image to display its larger version -- if available -- right on the screen without having to leave the page you are on.
The extension does not work on all sites, just like Hoverzoom. but it supports many. Especially image hosting websites, but also popular sites such as Facebook, Yahoo, Twitter, YouTube, IMDB or Flickr to name a few.
What is also interesting is that it adds lots of handy features and shortcuts to the whole process.
As far as zooming goes, you can modify the following features (among others):
- Make the extension work only when you hold down a key, or disable it when you do so.
- Preload images for faster access.
- Mark zoomable images.
- Use shortcuts such as Alt-Shift-D to suspend the extension for the domain for the session.
- Define where the image pop-up is placed on the screen.
That's not all however. You can send any image you come across to the built-in gallery using the g shortcut. The gallery lets you browse all images that you have added to it which can be quite useful if you want to keep track of certain images that you like. All images added to the gallery contain a source link, and if available, a target link as well.
That is still not all though. You can flip, rotate and fit to height or width using shortcuts, send images to hosting services, or define viewer related features such as zooming with the mouse wheel, adding image borders or defining long press actions for the left or right mouse button (for instance to fit to screen).
The controversy surrounding Hoverzoom highlights the importance of monitoring installed browser extensions. Scripts like NoScript for Firefox make sure that connections cannot be made by extensions automatically, and it is highly suggested to use something similar for your browser to make sure that your information are not grabbed by installed extensions.
The whole incident had disastrous consequences for Hoverzoom. Not only did the extension receive hundreds of 1 star ratings on the Chrome Web Store, it was also removed from it by its author, likely to avoid further damage to the reputation of the extension.
Chrome users who are looking for an alternative should take a look at Imagus, as it is quite the fine piece of software.Advertisement