Google recently updated its Chrome Store policy, making it known that extensions need to have a clear single purpose use that isn’t bundled with other unrelated functionality. Today the first casualties of these changes are here, as Google has just removed two extensions that inject ads unsuspectingly into people’s browsers which violates the store’s terms of services.
Message boards appeared to be steaming with complaints over the weekend when two popular extensions were silently updated (and automatically rolled out to users) with intrusive spam ads that appear on any website you visit with these extensions installed. The perpetrating extensions called “Add to Feedly” and “Tweet This Page” each used to have fewer than 100,000 users, but doesn’t have any now. The Add to Feedly developer, Amit Agrawal, a well-known tech blogger from Digital Inspiration, mentioned on his website that he had sold the extension to an anonymous buyer for a small sum, and that this buyer apparently injected the adware into it. This problem appears to be systemic, as other popular extension developers are often approached by these seedy companies and individuals.
One of the developers of the popular Chrome extension Honey and frequent Reddit user gemusan said:
Over the past year we’ve been approached by malware companies that have tried to buy the extension, data collection companies that have tried to buy user data and adware companies that have tried to partner with us. We turned them all down. It looks like there’s a lot of concern about browser extension privacy and security today.
So this is why Google has made these changes to protect Chrome users and based on its policy update, they killed both of these extensions after being contacted by the Wall Street Journal.
Have any of your favorite Chrome extensions gone rogue recently?