It seems that recently it was discovered that Google’s Chrome Web Store had allowed a malicious browser extension to be published, in which it was reported that about 37,000 unwitting users have installed it since. The extension in question, which was discovered by @SwiftOnSecurity, pretended by a Chrome extension AdBlock Plus, and users who were looking for the extension mistook the fake extension for the real one.
So what happens when the fake extension was installed? Basically it swamps the infected computer with adverts and opens up tabs without the user’s explicit permission. It is unclear if user data might have been compromised as a result of this fake extension, but Google has since removed the extension.
In a post on its website, Google writes, “Within minutes of being confirmed as malware, it was removed from the Chrome Web Store as well as from the machines of users who previously installed it. The developer account was also suspended. After reviewing the issue in more detail, we found that a number of other similar instances of this campaign were detected and that our systems had successfully prevented them from reaching users. This app was able to slip through the cracks, but we’ve identified the reason and are addressing it.”