Up till now, I used to install browser extensions and add-ons like a child picking candies from a candy store. I really didn’t think twice about it even though I am extremely careful downloading and installing programs off the Internet. So why in the world I never thought browser extensions could be malicious is beyond me, but I’m guessing I’m not the only one who thinks like that.
Then I read this article on how your browser extensions can be spying on you and was pretty shocked. Basically, extensions that used to be clean and good were bought out by companies with nefarious intentions. If it was a popular extension with millions of users, suddenly those companies could gain a lot of useful data by adding tracking code or make a lot of money by injecting ads into sites without you even knowing about it. Since these extensions update automatically, if someone else takes over and decides to change the code, you would never even know about it.
Unfortunately, there was no easy way to tell whether an extension has been compromised or not. Thanks to this article by HTG, though, a lot of people have been putting in the time to research many of the extensions to see which ones contain malware or adware and which ones don’t.
HTG has a running list of extensions that have adware or malware here. First, check any extensions you have install against that list. You can see all the extensions you have installed by clicking on the three bars at the top right, clicking on Settings and then clicking on Extensions on the left hand side.
You can disable an extension by unchecking the Enabled box or you can delete it completely by clicking on the trash icon. If you happen to have any from the list, it’s best to delete the extension completely.
The second thing you can do is to install another extension (ironically) called ExtShield that will automatically scan all your extensions and let you know if any of them are on the blacklist.
Another useful feature of the extension is that it will show you the permissions that each extension currently has. In addition, it will monitor future installs and website behavior for any malicious activity. The developer also intends to add features like the ability to notify you if the ownership of the extension changes or if the extensions starts to behave oddly.
I never like only having one option, so I was glad to see there is another extension called Extension Defender in the Chrome store that also does the same thing, but has a higher rating. It seems like ExtShield was giving a lot of false positives for people and therefore has some lower star ratings.
ExtensionDefender will scan your extensions and let you know if it finds any malware, adware or spyware. New signatures are also added daily with about 80 currently being detected. These include extensions in and out of the web store.
The other nice thing is that the code is completely transparent and non-obfuscated, which means you can see what every line of code actually does. That’s not the case with ExtShield. According to the reviews, it seems the code is very obfuscated, which doesn’t necessarily mean anything evil going on, but it’s nice to have transparency that can be confirmed by others.
Hopefully, the list plus the extensions will help you stay safe while browsing. Extensions tend to have very broad privileges and therefore can capture a lot more data than you might think possible. If you don’t like having extra extensions installed, go ahead and install one of them, before a scan and then uninstall it. Enjoy!