2 min Security

Chrome can now take down malware masquerading as an extension

Chrome can now take down malware masquerading as an extension

Google is currently testing a browser feature that alerts users when an installed extension has been removed from the Chrome Web Store, something that often indicates it is malware.

BleepingComputer reports that the Chrome Web Store is constantly flooded with unwanted browser extensions published and promoted via pop-ups and advertising. These browser extensions therefore often end up in the browsers of unsuspecting users, after which their browser data is free game for malicious actors.

These extensions keep reappearing even when swatted down because its publishers are quick to build a new one and launch it on the Chrome Web Store.

Safety Check

However, Google has a solution in store. The company’s going to deploy a “Safety Check” feature to scrutinize browser extensions. This feature will alert Chrome users if an extension has been identified as malware or removed from the store, advising them to remove it from the browser.

Although this functionality will not become active until Chrome 117, users already have the opportunity to test it in Chrome 116 by enabling the experimental feature called “Extensions Module in Safety Check. To do so, users just need to copy the Chrome URL ‘chrome://flags/#safety-check-extensions’ and paste it into the address bar, followed by Enter. Then the new feature can be enabled after a restart of the browser.

Once enabled, a new option appears under the “Privacy and Security” section. This directs users to an overview of deleted extensions from the Chrome Web Store. Here one can view the list of removed extensions, discover the reasons behind their removal and be encouraged to remove them.

Still, removed extensions are by no means always malware. For example, developers may have removed it themselves or they may have violated copyrights. However, even there Google recommends uninstalling them because they will no longer receive updates.

Also read: MacOS malware detection tool proves easy to bypass