According to the LA Times, the extensions, “Add to Feedly” and “Tweet This Page”, were “silently” updated to include codes that served unwanted ads to customers.
Over the weekend, Amit Agrawal, developer of the “Add to Feedly”, revealed that he had sold the extension to a unknown buyer, in which the new owner added the adware code that did not adhere to Google’s terms and conditions.
“These aren’t regular banner ads that you see on web pages, these are invisible ads that work the background and replace links on every website that you visit into affiliate links, “stated Agrawal. “In simple English, if the extension is activated in Chrome, it will inject adware into all web pages.”
Meanwhile, a similar situation occurred with the “Tweet This Page” extension, which had also been purchased and modified to serve unwanted ads and “hijack Google searches.”
Developers of bigger Chrome extensions, such as “Honey” that has around 300,000 users, has also been approached by third parties looking to purchase the extension.
“Over the past year we’ve been approached by malware companies that have tried to buy the extension, data collection companies that have tried to buy user data, and adware companies that have tried to partner with us. We turned them all down,” stated “Honey” developer.
According to The Wall Street Journal, the extensions were removed after The Wall Street Journal had notified Google of the malware.