Chrome will now let you know when an extension is dangerous

Silhouette of a hand holding a padlock infront of the google chrome logo
(Image credit: Shutterstock / Ink Drop)

Google is bringing a new feature to its famed Chrome browser that should make it somewhat safer for people to use. 

As of Chrome 117 (which is currently in Beta and should be generally available relatively soon), the browser will warn users when an extension they have installed has been removed from the Chrome Web Store.

Extensions are a great way to expand the functionalities of the browser, but they’re also being abused by threat actors on a daily basis. Some extensions that make it to the Web Store perform malicious actions, such as stealing passwords and serving adware, among other things. 

Warning users

Google goes to great lengths to protect its users from such extensions, and removes malicious products all the time. However, for users that have the malware installed, the removal from the Web Store means very little, as they need to remove it from their endpoints themselves if they are to remain secure. 

Sometimes that doesn’t happen as many people don’t pay attention to the news regarding malicious extensions.

In that sense, notifying the user that an extension they have installed was removed from the Web Store should give enough of a nudge to the victim in order to investigate further. As BleepingComputer puts it, the removal from the Chrome Web store is “usually indicative of it being malware”.

The feature can be tested in Chrome 116, by enabling the browser’s “Extensions Module in Safety Check” feature. That can be done by navigating to “chrome://flags/#safety-check-extensions” and enabling the abovementioned feature. It can then be found under “Privacy and security”. 

Navigating to that menu will show the user all of the extensions removed from the Web Store, as well as the reasoning behind their removal.

Via: BleepingComputer

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.