9
9 Comments

Finding malicious Chrome extensions

A short while back, I launched https://chrome-stats.com/ to analyze Chrome extensions in Chrome Web Store. Using these data, I am now able to identify some potentially malicious Chrome extensions. I have incorporated some of the logics used in this blog post with Brian Krebs (https://krebsonsecurity.com/2021/05/using-fake-reviews-to-find-dangerous-extensions/) to provide a "Safety" metrics for each Chrome extension. I am hoping that this will help users identify risky extensions sooner since Google typically takes a while before they removed a bad extension.

Do you know/remember any malicious Chrome extension recently? I am looking for data points to see measure how well my algorithm is in detecting bad Chrome extensions.

  1. 1

    Hi @hao1300

    I am a big fan of Chrome stat, it is very helpful.

    What was your inspiration to start such a platform? What are your revenues like? Is it gaining traction.

    1. 2

      Hi @zombiebyte19.

      My revenue from subscription hasn't increased since May. Basically my users are paying for a month to get access to the data, then unsubscribe. I think they may subscribe again in the future for another month or so, and then unsubscribe :-/ I am still exploring ways to retain paid users as the churn rate is pretty high. That said, I have been able to attract and retain a lot of visitors (and generating some decent revenues from ads), so it is still not too bad.

      Before ChromeStats, I worked on ModHeader Chrome extensions in my spare time, and I was getting emails about potential "monetization methods" that involve all kind of shady methods, so I thought it is becoming a common problem in the Chrome extension ecosystem. I started this in hope of improving the overall Chrome extension ecosystem for developers and users.

      1. 1

        Hi @hao1300,

        How are you? I had some important questions and was wondering if Chrome Stat has data regarding this in their trends. This is more generic to chrome extension in general:

        • What are the biggest influencer on chrome store ranking? Review, install, retention, keywords?
        • Have you done general analytics on it since you have so much data.
        • Has reviews have a big influence on ranking?
        • Does net retention (install - uninstall), that has an effect on ranking?
        • How does keyword affect download numbers?
        • Does badges and length of dev account affect ranking numbers.

        In our experience we have seen correlation, but was wondering if there is causation you have seen? Can I glean these data from ChromeStat? Would love to see some anal

        BTW, still absolutely love your platform.

        1. 1

          @hao1300

          Hi Hao, I have made this into a seperate post here: https://www.indiehackers.com/post/what-affects-chrome-store-download-the-most-9f5c570904

          Thought that will be a better place for you to comment, bigger exposure for ChromeStat :)

          1. 1

            Thanks! Just replied to your post.

      2. 1

        Thank you @hao1300 for sharing your story. As a chrome extension developer myself, I do love the data that you provide. I do use it frequently. Great work with that. It is unique.

        Yes, I do agree that Chrome Extension can be very powerful if build right.

        Thank you for all the work providing the great data.

  2. 1

    I have a chrome extension in the store (that I didn't update it since several months)

    But I received from time to time emails from people that want to buy the extension. I guess it's probably to buy the extension and add a malicious code inside.

    However, Google did a good job by checking deeper the extension that inject/use external script and permissions.

    1. 1

      Yea, I also had several Chrome extensions that people reach out to me about monetization, which was kind of what led me down this project in the first place. I have gotten requests about replacing search engine, mining user data, using user bandwidth as a proxy, etc. I see some of those extensions that integrate with these companies are still around.

      Currently my algorithm is still not able to detect them all, but they have some common patterns so I reasonably confident that I can detect them once I enhance the logics some more.

  3. 1

    A recent popular malware-suspected chrome extension was the Great Tab Suspender. Came as quite a shock since it was such a hit among anyone used to opening many tabs at once (like me 😅).

Trending on Indie Hackers
Competing with Product Hunt: a month later 33 comments Why do you hate marketing? 29 comments My Top 20 Free Tools That I Use Everyday as an Indie Hacker 19 comments $15k revenues in <4 months as a solopreneur 14 comments Use Your Product 13 comments How I Launched FrontendEase 13 comments