Google has removed around five hundred extensions in Chrome after the company was notified that they were passing on data, causing ad fraud, and sending users to rogue sites.
The problem was discovered by researcher Jamilia Kaya who, together with Duo Security (a Cisco daughter), identified 71 rogue extensions from the Chrome Web Store.
With that knowledge, Google managed to identify 430 additional extensions that it initially did not detect in its Web Store.
According to Ars Technica, the 71 extensions were installed 1.7 million times. It is not known how many downloads are involved for all five hundred extensions in total. In the meantime, Google has deleted them all.
The rogue browser extensions worked through different domains, but always with the same code. It often concerned tools that contained standard advertisements. But underlyingly, users were sent to different servers and remotely given additional instructions to reconfigure the extension.
Besides, various advertisements were loaded, although they were often hidden from the user, browser data (personal data about surfing behaviour) was forwarded and users ended up on sites with malware and phishing attempts — scams and malware distribution.
