Your one-stop web resource providing safety and security information to manufacturers

Ad companies are beginning to buy out Chrome add-on developers so code serving ads can end up hitting users.

Take Amit Agarwal as one case in point. Agarwal, who created the “Add to Feedly” Chrome extension, sold his add-on for four figures.

Browsers Revoke Rogue Certificates
Browser Extensions Steal Account Info
Mac Attack: Ransomware Targets Safari
Ransomware Forces Survey on Victim

“I had no clue about the buyer and was also curious to know why would anyone pay this kind of money for such a simple Chrome extension,” he said in a blog post entitled “I sold a Chrome extension, but it was a bad decision.”

A month after the sale, however, Agarwal realized the buyer’s intentions, as the add-on’s users began complaining about seeing a ton of ads. As it turns out, the new owners updated the extension by adding ad-serving code to it.

Schneider Bold

“These aren’t regular banner ads that you see on web pages, these are invisible ads that work the background and replace links on every website that you visit into affiliate links. In simple English, if the extension is activated in Chrome, it will inject adware into all web pages,” Argawal said.

While Google’s policies don’t forbid extension developers to insert ads in pages, they do require them to be upfront about it and not to do it on more that one portion of a page. Therefore, the company has reacted to the revelations by removing some add-ons from its web store.

One of the issues with Google automatically updating Chrome extensions is this type of thing can happen. Users end up asked to approve the update only if it asks for a new permission.

Pin It on Pinterest

Share This