Recently researchers discovered that over 500 Chrome extensions on its official web store (ouch!) were stealing browsing data and executing click fraud and malvertising after installing themselves on the computers of millions of users.
An orchestrated operation that might have been active since the early 2010s!
This is terrifying.
A two-month-long investigation by security researcher Jamila Kaya and Cisco’s Duo Security team exposed the browser extensions that had been downloaded millions of times from Google’s Chrome Web Store.
What a stark reminder that we should all be cautious when installing extensions in our browsers.
Better safe than sorry
Anyone using one of the now-suspended 500 extensions will find they’ve automatically been deactivated in their browser.
This incident is a double-edged sword. It’s good because these extensions can no longer infect users. But it’s bad because it is an example of how easy it is for malicious extensions to sneak in the Chrome Web Store and stay put for years without Google noticing.
The only way to stay safe is to maintain good security hygiene when installing extensions:
- Install extensions only from the official web stores.
- Install as few extensions as possible.
- Check reviews and feedback from users before installing extensions.
- Pay attention to the developer’s reputation and responsiveness to questions, and how frequently the extensions are updated.
Stay informed, stay vigilant
Digital marketers will continue to look for new ways to identify you and target you with ads, and some of them are less-than-transparent about how they do that.
Stay informed and vigilant. After all, you cannot count only on technology to guard your personal information.
And guarding your personal information starts with choosing a browser that will not spy, steal and sell your data. Exactly what we stand for at Vivaldi.
It’s also our philosophy to give you native, out-of-the-box features that provide solutions without having to resort to add-ons.
Extensions are handy but can create issues
Heavy use of extensions is common, but as you install more and more – that you no doubt find useful – you start to feel the consequences of doing so.
While extensions may add useful features to your browser, they can pose threats to privacy, security and performance.
They can crash the browser or compromise it from a security standpoint. A buggy extension could use its access to snoop on your browsing, possibly capturing your credit card details or passwords.
Often, extensions are power-hungry and sap memory resources that slow down your browsing. So using a minimal collection of add-ons will help improve performance.
Another thing to consider is that user experience is much better with native features than with extensions. Web technologies evolve but native features will always continue to provide better, consistent with the product user experience.
Rely less on extensions
We certainly have a love-hate relationship with extensions but we’ll never hesitate to recommend some built-in gems in Vivaldi over the use of an extension:
- Save your currently open tabs as a named ‘session’ and access them later.
- Write Notes in Vivaldi’s sidebar while searching the web and add screenshots of useful sites, or capture selected areas of text.
- Capture either a full-page screenshot or a selection of the screen that you define.
- Dive into the general attributes of the picture with a built-in image inspector.
So, cut down on your list of extensions! Choose extensions that provide true benefit. That’s bound to be a win-win situation. You’ll browse faster and safer.
On that, has anyone had any experience of using an extension that turned out to be malicious?