• Marketing Land
  • Sections
    • CMO
    • Social
    • SEM
    • SEO
    • Analytics
    • Display
    • Retail
    • MarTech
    • Resources
    • More
    • Home
  • Follow Us
    • Follow
  • Marketing Land
  • CMO
  • Social
  • SEM
  • SEO
  • Analytics
  • Display
  • Retail
  • MarTech
  • Resources
  • More
    • Follow
  • SUBSCRIBE

Marketing Land

Marketing Land
  • CMO
  • Social
  • SEM
  • SEO
  • Analytics
  • Display
  • Retail
  • MarTech
  • Resources
  • More
  • Home
  • Newsletters
  • Home
Martech: Advertising

500+ malvertising Google Chrome extensions disabled, removed from Web Store

Google was able to confirm the finding and discovered over 500 instances of the malware by seeking a "fingerprint" by security researcher Jamila Kaya.

Detlef Johnson on February 14, 2020 at 3:14 pm
  • More

Harmful malvertising Google Chrome Extensions were active over at least eight months. The extensions redirected millions of users to malicious sites, including to affiliate links or a GDPR announcement site in an apparent attempt to misdirect investigations and appear legitimate.

Malicious ads. Security researcher Jamila Kaya and Cisco’s Duo Security team identified the group of extensions. When a user installs any one of the 500+ extensions, a network of downstream malware sites will act in concert for a command and control scenario to redirect in such a way as to masquerade as ordinary, but intrusive, looking ads.

“The user’s host regularly checks in at an asynchronous interval to the other domains to receive new instructions, locations to upload data, and new domain and feed lists for advertisements and future redirects.”

Jamila Kaya and Jacob Rickerd (Duo.com)

Google response. The researchers alerted Google of the problem, and together, they reached a high confidence level that all rogue extensions were disabled for current installs. Chrome users with any of these extensions will see them marked as malware as a prompt to uninstall, locally.

Presumably, the downstream domains have been added to a shared list of security hazard websites and removed from Google’s search index.

Tightening security requirements. Google had already begun to tamp down its privacy policy and data handling requirements as a direct consequence of this breach once the researchers alerted them late last year. During the interim, they were able to confirm the finding and discover over 500 instances of the malware extensions by seeking a signature code “fingerprint” discovered Kaya.

What Kaya discovered was the various extensions all carelessly shared much the same source code, only with function names switched out in order to appear different enough to slip through Google’s automated duplicate detection system, and allowing them to publish the volume of extensions to the Web Store.

Why we care. As marketers, we need to know that security requirements governing the storage of data will continue to increase as Google’s new requirements outline. Additionally, we should be concerned that our reputation suffers when breaches occur and bad advertising gives millions of users bad experiences.



About The Author

Detlef Johnson
Detlef Johnson is the SEO for Developers Expert for Search Engine Land and SMX. He is also a member of the programming team for SMX events and writes the SEO for Developers series on Search Engine Land. Detlef is one of the original group of pioneering webmasters who established the professional SEO field more than 20 years ago. Since then he has worked for major search engine technology providers, managed programming and marketing teams for Chicago Tribune, and consulted for numerous entities including Fortune 500 companies. Detlef has a strong understanding of Technical SEO and a passion for Web programming.

Related Topics

Channel: Martech: AdvertisingGoogleGoogle: ChromeGoogle: Display AdvertisingGoogle: Privacy

We're listening.

Have something to say about this article? Share it with us on Facebook, Twitter or our LinkedIn Group.

Get the daily newsletter digital marketers rely on.
See terms.

ATTEND OUR EVENTS

MarTech 2021: March 16-17

MarTech 2021: Sept. 14-15

MarTech 2020: Watch On-Demand

×

Attend MarTech - Click Here


Learn More About Our MarTech Events

February 23, 2021: SMX Report

April 13, 2021: SMX Create

May 18-19, 2021: SMX London

June 8-9, 2021: SMX Paris

June 15-16, 2021: SMX Advanced

August 17, 2021: SMX Convert

November 9-10, 2021: SMX Next

October 2021: SMX Advanced Europe

December17, 2021: SMX Code

Available On-Demand: SMX

×


Learn More About Our SMX Events

White Papers

  • The State of Local Marketing Report 2020-2021
  • Quality CRM Data: The Key to Delivering Great Customer Experiences
  • How the Microsoft Search Network Can Maximize Your Search Campaigns
  • The Marketer’s Playbook for Customer Acquisition
  • How To Optimize SEO With UGC
See More Whitepapers

Webinars

  • How to Avoid the Digital Transformation Trap
  • How to Build a Marketing System of Record
  • Meet BIMI: The brand-boosting email security marketers must have for 2021
See More Webinars

Research Reports

  • Local Marketing Solutions for Multi-Location Businesses
  • Enterprise Digital Asset Management Platforms
  • Identity Resolution Platforms
  • Customer Data Platforms
  • B2B Marketing Automation Platforms
  • Call Analytics Platforms
See More Research

h
Receive daily marketing news & analysis.
Marketing Land
Download the Marketing Land app on iTunes Download the Marketing Land App on Google Play

Channels

  • MarTech
  • CMO
  • Social
  • SEM
  • SEO
  • Mobile
  • Analytics
  • Retail
  • Display

Our Events

  • MarTech
  • SMX

Resources

  • White Papers
  • Research
  • Webinars
  • MarTech Conference
  • Search Marketing Expo

About

  • About Us
  • Contact
  • Privacy
  • Marketing Opportunities
  • Staff
  • Connect With Us

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • Newsletters
  • Instagram
  • RSS
  • Youtube
  • iOS App
  • Google Play

© 2021 Third Door Media, Inc. All rights reserved.

Your privacy means the world to us. We share your personal information only when you give us explicit permission to do so, and confirm we have your permission each time. Learn more by viewing our privacy policy.Ok