Chrome's Web Store has a theme spam problem - gHacks Tech News

Chrome's Web Store has a theme spam problem

Spammers use the themes section of the Chrome Web Store, the official store for Chrome extensions and themes, to push dodgy streaming subscriptions.

The Chrome Web Store returns extension and theme matches when you search for something. If you search for a recent movie title on the web store, you get matching extensions and themes returned.

While you'd expect themes to just return themes based on movie scenes, characters or posters to you, you probably don't expect these themes to push subscriptions for dodgy streaming services on the Internet.

That's what is happening right now, however, in the Chrome Web Store, and it is not the first time that Google's official Chrome Web Store has been abused. Google had to pull ad-injecting, crypto-mining, copycat, and other abusive extensions from the Store in the past.

chrome themes watch 4 free

Some of the "watch a movie" themes have thousands of users and have been in the Store for months. It appears that Google's automatic controls don't work properly in this regard and that the reporting functionality that the company built into the Store does not help either.

The title of the themes suggests to Chrome users that they may watch the movie for free and often in high definition. The description of the add-on is filled with keywords but no links, and it seems more of a copy and paste job than anything else.

The website and "offered by" links point to fake streaming portals that have just one purpose; to get users to click on the watch or download buttons. As soon as users do that, they are taken to another web page that promises free registration and direct access to thousands of movies after registration.

The ones that I checked out asked for payment information and while they promise that users are not charged for signing up, reports on the Internet suggest that this is not always the case.

It should be clear that signing up for any of these services may not be the cleverest course of action; you may be charged by these services and since they are not legal, may even face legal issues if law enforcement or companies find your information in the database of such a service.

The installation statistics that Google displays for themes and extensions suggests that thousands of users have installed these themes. It is impossible to tell how many of those have signed up for an account on one of the streaming sites.

If you thought that reviews on the Store might prevent users from installing spam themes and extensions, you may find it surprising that ratings and comments are not all negative. While most themes used to push dodgy streaming services don't have a five out of five star rating, they don't have one star (the lowest rating) either. It appears that fake reviews are used to push the rating of these themes.

I did not install any of the themes and can't say if they have a malicious component as well that executes on installation. If you are looking for movie themes, you find plenty of legitimate themes in the Store.

Closing Words

The new theme spam problem of the Chrome Web Store is not the first and most likely not the last issue that users of Chrome face when they use the official Store. Google has been playing catch-up with spammers and criminals for a long time and it seems that this won't change anytime soon. (via Torrentfreak)

Summary
Chrome's Web Store has a theme spam problem
Article Name
Chrome's Web Store has a theme spam problem
Description
Spammers use the themes section of the Chrome Web Store, the official store for Chrome extensions and themes, to push dodgy streaming subscriptions.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. Yuliya said on May 29, 2018 at 10:21 am
    Reply

    You don’t seem to be able to install them, which is a good thing: imgur.com/2hyk50a

    I think they rely on you visiting the theme’s “Website”. Once you’re there, the website appears to be severely crippled, by either my uB0 settings or my Chromium’s settings though. Clicking on either download extension, or whatever they prompt you to do, does nothing, clicking on other things, such as that fake movie player results in my tab getting closed.

    Still wouldn’t advice visiting that crap outside a VM especially without a good content blocker. And this is the reason why I always slip in the MVPS’s hosts file inside everyone’s PC. Chances are it cripples this kind of websites, regardless of browser’s state.

    Has pretending to be Microsoft support gotten old nowadays? :^)

  2. owl said on May 29, 2018 at 4:13 pm
    Reply

    chrome.google.com
    Dark Reader(https://chrome.google.com/webstore/detail/dark-reader/eimadpbcbfnmbkopoojfekhnkhdbieeh/reviews?utm_source=chrome-app-launcher-info-dialog)
    As an example, I will introduce an interesting discussion.
    There is an issue logged for night mode option. You can track the progress here
    https://community.brave.com/t/dark-reader-extension/3580

    1. Weilan said on May 29, 2018 at 7:45 pm
      Reply

      What does anything have to do with Brave.

      1. owl said on May 30, 2018 at 12:50 pm
        Reply

        Extensions that can be selected with Brave are limited.
        For this reason, the user is requested by Brave for an extended use request.
        This link is the log of that discussion.
        For the request of extended “Dark Reader”
        It was denied in the answer “It is an issue logged for night mode option. You can track the progress here”. Dark Reader is provided through “chrome.google.com”.

      2. owl said on May 30, 2018 at 12:59 pm
        Reply

        to correct.
        It’s “Chrome’s Web Store”, not “chrome.google.com”.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.