It’s no exaggeration to say Google has a malware problem. And we’re not talking about the malware users run into when exploring the web. We’re talking about overlooked malware that floats around on platforms Google actually owns.
The best example here would be Google Play, which is notorious for lackluster moderation and sketchy software offerings. Just recently, 116 new malicious apps were found to be hosted on the platform, along with millions of downloads. Tap or click to see how bad the malware was.
But now, a new batch of malware was discovered on Google Chrome’s extension marketplace. More than 500 extensions were found to contain malicious software and users around the world may have already installed several of them. Don’t worry, we’ll show you how you can remove the offending programs.
New malware outbreak at Google: Will it ever end?
Security researchers at Cisco have discovered a new trove of malicious software floating around on a Google marketplace. This time, it’s Chrome extensions that are affected, with more than 500 of them containing malicious codes.
Speaking to reporters at ZDNet, the researchers concluded the malicious code in these extensions could be used to potentially steal information in phishing attacks. Many of them also randomly inject pop-up ads without users knowing what was responsible.
The researchers at Cisco believe these extensions are part of a much larger malware operation due to coding similarities.
Upon reporting their findings to Google, the search engine giant remotely disabled any affected extensions. This means they’re no longer active and working or available to download; however, users who downloaded them previously will need to manually remove them from their browsers.
How do I get malicious extensions off my Google Chrome browser?
In one of its most proactive security moves yet, Google automatically disabled malicious extensions across the web. Even if you made the mistake of downloading one of these programs, Google’s actions made sure you wouldn’t be negatively affected.
Now that the extensions are disabled, this means they can no longer impact your browsing experience unless you turn them back on willingly; however, it’s in your best interest to clean the programs out. Fortunately, every malicious extension will now read Malicious next to their names if flagged by Google.
To find the extensions installed on your browser, open Chrome on your computer. On the upper right of the browser, click the three-dot hamburger menu and then More Tools, followed by Extensions. Here, you can turn them on/off. If you find one an add-on with the malicious label, delete it.
If you don’t see any with a malicious label, it means you were lucky enough not to download any in the past.
Despite our usual haranguing of Google for its lax moderation, we’ve got to give the company kudos for its quick-thinking move to deactivate all the extensions remotely. Not only does this solve a major compromise problem, it also prevents less tech-savvy people from getting into trouble.
If only we could convince Google to care as much about the Google Play store. Remotely disabling malicious apps would be a lifesaver for unlucky Android users who may have stumbled onto malware without knowing it. Tap or click to see how many Android users may be affected by malware.