280 million people have installed malware-infected Chrome extensions
Last week, Google announced that less than 1% of all installs from the Chrome Store, contained malware. The Chrome Store currently contains more than 250,000 extensions.
Google added that some bad extensions still get past the company's security. So they also monitor published extensions.
However, a group of researchers from Stanford University and the CISPA Helmholtz Center for Information Security confirmed that is not true. They said 280 million people installed a Chrome extension infected with malware over a three-year period.
Researchers examined Security Notable Extensions (SNE) - extensions that contain malware, violate Chrome Web Store policies, or contain vulnerable code.
The results show that from July 2020 to February 2023, 346 million users installed SNE. Of these, 280 million Chrome extensions contained malware, 63 million extensions violated policies, and 3 million were vulnerable. At that time, there were almost 125,000 extensions available in the Chrome Store.
The researchers found that SNEs remained on the store for an average of 380 days (malware) and 1,248 days if they contained vulnerable code. Meanwhile, safe Chrome extensions often don't stay on the store for too long, with only 51.8 - 62.9% still available after a year.
The longest-running SNE at 8.5 years, called TeleApp, was last updated on December 13, 2013 and was not found to contain malware and malware until June 14, 2022. deleted.
You should read it
- Instructions for installing extension for Chrome on a computer from a smartphone
- Listed 15 Chrome Extension for programmers
- Extension Police, an extension that helps protect Chrome from malicious extensions
- How to Install Bitmoji Extension for Chrome
- Chrome adds a warning when an extension takes over the Internet connection
- 7 best Chrome extensions to increase your productivity
- Top 10+ Chrome extension helps manage and speed up downloads
- 6 Chrome extensions to help choose the best color
- How to quickly turn off gadgets, apps, themes on Chrome
- 7 Chrome extensions for web designers
- How to create custom shortcuts for extensions on the Chrome browser
- 6 Chrome extension to check the weather from the current tab
Maybe you are interested
Manifest V3 rollout to remove Google extensions is being pushed
This browser allows you to use your favorite Chrome extensions that have been removed
What to do when Google is about to remove your favorite browser extensions?
How Gemini extensions help work more efficiently on Google Workspace
5 must-have free Chrome extensions for students
Reasons not to use password manager browser extensions, even though they are very convenient