Learn
Learn
Close

They Ask, You Answer

A revolutionary approach to inbound sales, content marketing, and today’s digital consumer.

Learn MoreLearn More

Free Courses in IMPACT+

Dozens of sales, marketing, and content courses inside IMPACT+. Start learning now.

See all coursesSee all courses
Events
Events
Close
IMPACT+ Membership
IMPACT+ Membership
Close
Coaching & Implementation Services
Coaching & Implementation Services
Close

Services Overview

See how you can dramatically increase your inbound leads and sales.

Services Overview

Digital Sales and Marketing Mastery

Fast track your team’s success with IMPACT's most popular service.

Digital Sales and Marketing Mastery

Web Design

Launch a beautiful website that consistently generates leads and revenue.

Web Design

Virtual Sales Training

Equip your sales team with comprehensive training designed to help them close more deals in today's virtual-first world.

Virtual Sales Training

HubSpot Training & Implementation

Train your company to take ownership of HubSpot and get the most out of your investment.

HubSpot Training & Implementation

Case Studies

See dozens of examples of companies succeeding with Digital Sales and Marketing Mastery and They Ask, You Answer.

Case Studies
Become a Coach
Become a Coach
Close

Where did your extensions go? Google bans 500+ malicious extensions

Where did your extensions go? Google bans 500+ malicious extensions Blog Feature

Jen Barrell

Content Trainer, 10+ Years of Content & Digital Marketing Strategy

February 25th, 2020 min read

Google has banned more than 500 extensions from its Chrome Web Store after it was discovered they had been inserting malicious ads into users’ browsing sessions.

While it is uncertain exactly how many times these extensions had been installed, according to ZDNet, who broke the story, the number is likely to exceed 2 million.

In an investigation that began two months ago, independent security researcher Jamila Kaya found that hundreds of extensions were infecting browsers. She teamed with Cisco’s Duo Security team and escalated concerns to Google, which then removed the offending extensions from the store.

The details of the investigation

Kaya used Cisco’s Duo Security extension analyzer tool, CRXcavator, to find that extensions that appeared to be playing by Google’s rules were using advertising to redirect users to certain sites.

In some cases, users were directed to legitimate sites but with an affiliate link so the extensions could get credit for the page visit. In other more nefarious cases, users were sent to a page that infected them with malware or exposed them to a phishing scheme.

Researchers were able to confirm the bulk of these extensions had been operational since January 2019, but it also may be linked to a larger operation going back several years.

According to Duo, this type of “malvertising” operation is on the rise:

Malvertising often occurs within other programs, acting as a vehicle for multiple forms of fraudulent activity, including ad-fraud, data exfiltration, phishing, and monitoring and exploitation. Alternatively, it also emerges in multipart malicious campaigns that involve advertising collection and defraudment.

The prominence of malvertising as an attack vector will continue to rise as long as tracking-based advertising remains ubiquitous, and particularly if users remain underserved by protection mechanisms.

Google moved quickly to take down the offending extensions marked by Kaya, in addition to removing additional ones uncovered in its own investigation.

A Google spokesperson reported to Kaya and the Duo team:

We appreciate the work of the research community, and when we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses. We do regular sweeps to find extensions using similar techniques, code, and behaviors, and take down those extensions if they violate our policies.

How can you protect yourself from extension attacks?

There’s not much you need to do to protect yourself from this particular attack: the offending extensions have been removed from the Chrome Web Store.

If you had any of these extensions installed, you’ll find that they no longer open immediately when you try to launch them. Instead, you’ll see a popup notifying you that the extension has been disabled and marked as malicious. You’ll have the option of reactivating the extension — after all, Google can’t uninstall things from your desktop.

That said, be aware that reactivating the extension will expose you to malicious advertising, phishing pages, and/or malware. 

If you suspect that you’ve been exposed to malware from these extensions or other sites, Google has provided a detailed explanation of how to remove unwanted ads, pop-ups, malware, and programs.

The best advice is to only install extensions that come from reputable sources. You can also go a step further to verify the safety of your extensions by installing the Chrome Extension Source Viewer add-on.

To find the extensions that were removed, Duo has compiled a full list.

The best Chrome extensions for marketers

On the other hand, there are tons of content marketing tools that are insanely useful, free, and completely safe. If you’re looking to expand your extension horizons, here are some of my favorites:

You’ll find these and many more tools in the Google Chrome Web Store.

Just remember to keep cybersecurity in mind when downloading your next new extension. 

Want to learn more about digital sales and marketing?

Master digital sales and marketing when you join IMPACT+ for FREE. Gain instant access to exclusive courses and keynotes taught by Marcus Sheridan, Brian Halligan, Liz Moorehead, Ann Handley, David Cancel, Carina Duffy, Zach Basner, and more.

Sign up for free
Take a peek

Access hundreds of FREE courses and keynotes

Free Course
Digital Sales & Marketing Framework for Today’s Buyers
By: Marcus Sheridan
View Course Preview View Course Preview
Free Keynote
A New Way to Compete & Win
By: Brian Halligan
View Course Preview View Course Preview
Free Virtual Keynote
How To Genuinely Feel Confident, Be Likable, And Build Trust On Camera
By: Liz Moorehead
View Course Preview View Course Preview
Free Keynote
The Future of Marketing is Conversational​
By: David Cancel
View Course Preview View Course Preview
Free Deep Dive
HubSpot On a Budget: Getting Started with HubSpot Starter Hubs
By: Courtney Caldwell
View Course Preview View Course Preview
Free Course
Assignment Selling: Content is Your Greatest Sales Tool
By: Marcus Sheridan
View Course Preview View Course Preview
Free Keynote
The Big, Bold, Brave New World of Marketing​
By: Ann Handley
View Course Preview View Course Preview
Free Course
Investing in Incredible Digital Sales and Marketing Results
By: Chris Duprey
View Course Preview View Course Preview
Free Course
How To Show Your Content Makes Money With HubSpot Marketing and Sales Hubs
By: Liz Moorehead
View Course Preview View Course Preview
Free Virtual Keynote
The Visual Sale
By: Marcus Sheridan & Tyler Lessard
View Course Preview View Course Preview
Free Keynote
Marketing Tech: What’s Now, What’s Near and What’s Not Anytime Soon?​
By: Dharmesh Shah
View Course Preview View Course Preview
Free Course
Inbound Lead Generation & Conversion Optimization
By: Carina Duffy
View Course Preview View Course Preview
Free Virtual Keynote
Fundamentals of Videography: You Can Be a Great Videographer Too
By: Zach Basner
View Course Preview View Course Preview
Free Deep Dive
The Ultimate Customer Service Toolkit for Any Budget
By: Andriti Gulati
View Course Preview View Course Preview
Free Course
6 Topics Subject Matter Experts Need to Address
By: Kevin Phillips
View Course Preview View Course Preview
Free Keynote
Fanocracy: The Power of Making Business Personal​
By: David Meerman Scott
View Course Preview View Course Preview
Free Keynote
The Power of Pillar Content
By: Liz Moorehead
View Course Preview View Course Preview
Free Keynote
SEO for the Future
By: Franco Valentino
View Course Preview View Course Preview
Free Course
Fundamentals of Social Media Marketing
By: Stephanie Baiocchi
View Course Preview View Course Preview
Free Deep Dive
A Practical Guide To Video Graphics
By: Colton Trcic
View Course Preview View Course Preview
Free Session
How To Get Your Community To Know, Like, And Trust You With Video
By: Marki Lemons Rhyal
View Course Preview View Course Preview
Free Course
Video Sales and Marketing Strategy
By: Zach Basner
View Course Preview View Course Preview
Here Are Some Related Articles You May Find Interesting

Want to Contribute Content to impactplus.com? Click Here.

IMPACT+ Sign Up
A FREE online learning community with on-demand courses, hundreds of expert-led sessions, thousands of your peers ready to support you, and much more.
Check it out
Hundreds of courses and recorded keynotes, completely FREE
Check it out
Access hundreds of digital sales and marketing courses and recorded keynotes, completely FREE