Google has been recently removing Chrome extensions published on the Chrome Web Store that inject advertisements into the browser without previously informing the user. All extensions published on the Chrome Web Store must adhere to the Developer Program Policies, requiring that extensions may show advertisements only if:
A Google Online Security Blog post on March 31, 2015 revealed that, “Researchers found 192 deceptive Chrome extensions that affected 14 million users; these have since been disabled.” Additionally, “Thirty-four percent of Chrome extensions injecting ads were classified as outright malware.”
While it is commendable that Google is taking a very proactive approach to eliminating deceptive or malicious software extensions for its Chrome browser, there are numerous other ways that ad injecting programs can install on a computer apart from browser extensions.
Adware can be bundled with other types of downloaded and installed software programs, or malicious software can be injected into a machine via a security vulnerability in the operating system, web browser or component that accesses the web such as Adobe Flash Player or Java Runtime Environment.
For more details about Google’s efforts and the problem of undesirable Adware software, check out article Google cracks down on ad-injecting Chrome extensions, by Lucian Constantin featured in PC World.
For more information about malware threats in general and some practical steps you can take to help prevent them, check out my article on Tips For Preventing Malware Infection.
~Ted Eiler