11.Locks IsometricPattern Esm W900

Google has abruptly pulled over 500 Chrome extensions from its Web Store that researchers discovered were stealing browsing data and executing click fraud and malvertising after installing themselves on the computers of millions of users.

Depending on which way you look at it, that’s either a good result because they’re no longer free to infect users, or an example of how easy it is for malicious extensions to sneak on the Web Store and stay there for years without Google noticing.

That they were noticed at all is thanks to researcher Jamila Kaya who used Duo Security’sCRXcavator tool(also available atCRXcavator.io) to spot a handful of extensions that seemed suspicious, mostly themed around marketing and advertising.

The link for this article located at Naked Security is no longer available.