Google has had to take action to block add-ons for its Chrome web browser delivering malware or injecting their own adverts into webpages.
The add-ons, which add extra functionality to the web browser are accused of having been taken over by adware sellers.
The add-ons are not hacked, but actually sold by their developers to the adware injection vendors. When the browser detects that an updated version is available, it offers to download it, and causes the adware to be inserted into the users computer.
The revelations of a market in legitimate add-ons that can be reprogrammed to deliver malicious code came after a popular add-on developer wrote that he had been offered a significant amount of money to hand over control of his RSS reader application.
Shortly after he sold the add-on, the buyers used it to insert adverts into websites without either the website owners permission, or the permission of the end user.
Apart from being a nuisance for the end-user, such activity reduces advertising income for website owners.
No comments:
Post a Comment