VideoHelp Forum
+ Reply to Thread
Results 1 to 3 of 3
Thread
  1. Member ranchhand's Avatar
    Join Date: Oct 2005
    Location: USA-midwest
    Search Comp PM
    More than 180,000 Google Chrome users have installed at least one of a dozen ad-injecting extensions that are serving up spam on 44 different websites, according to findings by the threat and research analysis team with Barracuda Labs.

    As of Jan. 30, the “logo quiz game” extension has been installed by nearly 82,000 users, and “counter strike cs portable” extension has been installed by about 27,000 users, according to a Monday post by Jason Ding, research scientist with Barracuda Labs.

    Some of the more popular websites impacted by the extensions include youtube.com, yahoo.com, msn.com, imdb.com, myspace.com, and disney.go.com, Ding wrote, explaining all extensions had been served up on the Chrome Web Store directly.

    “When users try to download the extensions from the Chrome Web store, it will ask for ‘Access data to all websites’ permissions before users can download and install them,” Ding said in an email to SCMagazine.com on Tuesday. “Once granted these permissions, JavaScript codes are sitting behind users’ browsers, and these extensions are available at users’ Chrome address.”

    Ding then delivered the bad news. “The JavaScript code downloaded has a URL point to an outside JavaScript hosted at www.chromeadserver.com [that] will be executed whenever users are browsing a webpage,” he said.

    As a result, ads are injected into the websites, sometimes filling in empty spaces on the page, Ding said, adding the JavaScript is solely for spam, only operates in Chrome browsers and does not impact other parts of the user’s system.

    http://www.scmagazine.com/more-than-180k-chrome-users-have-installed-ad-injecting-exte...rticle/332673/
    Quote Quote  
  2. No, only Windows can get malware!
    Quote Quote  
  3. Member
    Join Date: Aug 2006
    Location: United States
    Search Comp PM
    I think Google has been removing offending extensions from the Chrome Web store when they are discovered because injection advertising in that way violates the terms of service.

    http://blogs.wsj.com/digits/2014/01/19/google-removes-two-chrome-extensions-amid-ad-uproar/
    Quote Quote  



Similar Threads