This article has been reviewed according to Science X's editorial process and policies. Editors have highlighted the following attributes while ensuring the content's credibility:



trusted source


Security experts find millions of users running malware infected extensions from Google Chrome Web Store

Security experts find millions of users running malware infected extensions from Google Chrome Web Store
Number of users with a benign, malware-containing, policy-violating, or vulnerable extension installed–The blue tick denotes the means and the red line the median Credit: arXiv (2024). DOI: 10.48550/arxiv.2406.12710

A trio of security experts at Stanford University has found that millions of people are running an infected version of Chrome web browser due to extensions installed from the Google Chrome Web Store (GCWS). Sheryl Hsu, Manda Tran and Aurore Fass have posted a paper to the arXiv preprint server describing their findings after studying thousands of extensions on GCWS.

To get the most out of , such as Google's Chrome, users download extensions from popular extension sites. One of the most popular and well-known such sites is GCWS—it hosts extensions for the Chrome web browser that have been written by third-party programmers.

Two of the main problems with downloading and using extensions written by third parties is the uneven level of quality and the possibility of malware. In this new effort, the researchers have looked at the latter issue, and the scale of risk for people using extensions downloaded from GCWS.

The researchers took two approaches to determine how many of the thousands of extensions hosted on GCWS have what they describe as security-noteworthy extensions (SNEs)—those that violate GCWS policy or contain malware or vulnerable code.

The first involved analyzing from past research efforts into with Chrome web extensions. The second involved downloading all extensions (approximately 125,000) that were available on the site between July 2020 and February 2023 and then analyzing the code that was used when they were written, looking for telltale signs of malware infection.

They also analyzed the site's download history and the longevity of extensions on the site.

The research team found that approximately 346 million users had downloaded a SNE from GCWS during the two-year period under study—280 million of which involved SNEs with malware. They note that Google claims that less than 1% of extensions hosted by the store have malware—the company also claims to vet all extensions hosted on the site.

The researchers also found that SNEs differ widely in how long they are available on GCWS, from months to years, and that very seldom report an as being problematic.

More information: Sheryl Hsu et al, What is in the Chrome Web Store? Investigating Security-Noteworthy Browser Extensions, arXiv (2024). DOI: 10.48550/arxiv.2406.12710

Journal information: arXiv

© 2024 Science X Network

Citation: Security experts find millions of users running malware infected extensions from Google Chrome Web Store (2024, June 25) retrieved 15 July 2024 from
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Chrome 88's Manifest V3 sets strict privacy rules for extension developers


Feedback to editors