Stop Using the Chrome Web Store to Find Extensions
It sounds counterintuitive, but listen to me. If you’re looking for a new browser extension, or want to download a recommended one, stop looking in the Chrome Web Store.
While I am absolutely confident that you, a tech-savvy reader of Lifehacker, will not fall under the onslaught of rogue extensions on the Chrome Web Store, AdGuard recently reported that around 300 rogue extensions were responsible for clogging up nearly 80 million Chrome users (minus any bots).
While some of these extensions were your typical “crappy-sounding extensions that should be avoided by anyone with a brain,” many were close enough to sane-sounding extensions to cause problems. For instance:
- YouTube ad unit
- YouTube ad blocker
- A blocker
- UBlocker
- AdBlock – stop ads on all sites
- Adblocker-X
- Adburner
- AdBear
- StopAds
- Adkill
These were all fake listings that have since been removed from the Chrome Web Store, but only because AdGuard was able to get Google’s attention. Up to this point, these fraudulent extensions have reached millions of users since their launch. And none of the extensions on this list, for the record, were legitimate — the extension you want is “ Adblock for Youtube ,” by AdRemover, but how is the average person supposed to know that?
It feels like we write stories like this with alarming frequency. In my opinion, this means Chrome has a moderate size issue in the Chrome Web Store. It feels a bit like the Wild West, where anyone can seemingly download any extension, which is either a maliciously loaded clone of another, or just the slightest different, so as not to make Google suspect that there is something up.
Obviously, however, when “Adblocker”, “Ad-block” and “Adblock” have similar descriptions and icons, something is clearly wrong . But if you’re not very tech savvy, then again, how do you separate malware from required extensions?
AdGuard does an excellent job of summarizing the recommendations that we usually offer:
- “If you’re going to install a browser extension, think again. Maybe you don’t need it?
- Only install extensions from developers you trust.
- Don’t believe what you read in the extension description.
- Reading user reviews won’t help either. Most of the malicious extensions have great reviews, but they are malicious. “
And I’m glad to see that their last point echoes what I’ve been thinking lately:
- Don’t use the internal search in the Chrome Web Store, go directly to the links on verified developers’ sites.
It seems a little odd to say that Google is generally not as trustworthy when it comes to searching (and instead of using it, you should just use … Google). I wouldn’t recommend regular people to use the Chrome Web Store to find things they didn’t already know about; even then, the chance of being caught by malware is still too great.
I mean, shoot, I just did a simple search for “block ads” like any normal person, and these results all seem a little sketchy:
Do not install from the Chrome Web Store unless you are sure the extension you are installing is legal. To make sure you are not tempted or misled by other crappy extensions, find the original developer of the extension – website, GitHub, Twitter account, or whatever – or a testimonial site you trust and use the links they provide. to get your extensions from Google. You will be much more secure.