Hi Security-dev,
Since the beginning of the Chrome Extensions Platform, we have worked hard to keep the ecosystem secure and free from abuse, and have
shared our research on detection and protection methodologies.
As you may have seen on Twitter, the Chrome Extensions Security team was recently notified of a malicious Chrome App that impersonated the official AdBlock Plus extension in Chrome Web Store.
First off, we wanted to share an update on immediate steps that have been taken. Within minutes of being confirmed as malware, it was removed from the Chrome Web Store as well as from the machines of users who previously installed it. The developer account was also suspended.
After reviewing the issue in more detail, we found that a number of other similar instances of this campaign were detected and that our systems had successfully prevented them from reaching users. This app was able to slip through the cracks, but we’ve identified the reason and are addressing it.
More broadly, we wanted to acknowledge that we know the issue spans beyond this single app. We can’t go into details publicly about solutions we are currently considering (so as to not expose information that could be used by attackers to evade our abuse fighting methodologies), but we wanted to let the community know that we are working on it, as we continually strive to improve our protection and keep users safe from malicious Chrome Extensions and Apps.
Best,
The Chrome Extensions & Security Teams