Google to warn of Chrome extensions from new or untrusted developers
Catalin Cimpanu June 3, 2021

Google says it will scan the extensions users install in their Chrome browsers and warn users if they are adding an extension from a new or untrusted developer.

The new extension scanning feature will be part of a Google security feature called Enhanced Safe Browsing, which Google added to Chrome in May last year.

Enhanced Safe Browsing will now offer additional protection when you install a new extension from the Chrome Web Store. A dialog will inform you if an extension you’re about to install is not a part of the list of extensions trusted by Enhanced Safe Browsing.

Google

Google says trusted developers are those who adhere to the Chrome Web Store Developer Program Policies.

“For new developers, it will take at least a few months of respecting these conditions to become trusted,” the browser maker said in a blog post today.

Google said that almost 75% of all extensions currently hosted on the Chrome Web Store were developed by “trusted developers.” For the rest, the browser will show an alert like the one below if users have enabled Enhanced Safe Browsing in their Chrome settings page.

[Image: Chrome extensions warning. Credit: Google]

Google’s move to show warnings when users are installing Chrome extensions comes after years of abuse from malicious developers, most of whom create new accounts, upload extensions cloned from legitimate ones, and then wait for users to accidentally install their copy.

Such tactics, coupled with bot installs and fake positive reviews, can boost a malicious extension’s visibility on the Web Store search results page, which leads to even more users installing malicious clones.

Chrome’s warnings will be able to stifle this particular tactic, but they won’t work against threat actors who buy legitimate extensions from developers, or who hack and take over legitimate developer accounts and insert malicious code into previously clean extensions.

In these instances, Google still relies on the security community or home users to spot and report such cases.

The number of malicious Chrome extensions has been growing in recent years as the number of Chrome users has reached two billion. Google said its Safe Browsing feature disabled 81% more malicious extensions in 2020 compared to the previous year.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.