Malicious Chrome Extension Impacts Over 1M Users

Over 1M users download malicious Chrome extension

Chris Pederick, the creator of the Chrome extension Web Developer, was recently phished.  The cyber criminals effectively breached Pederick’s Google account, which was tied to the app.  Therefore, the cyber criminals were able to access the app and make any changes they wanted.  After doing just that, the hackers pushed out a new “updated version” of Web Developer.  It is believed, most of the changes included the ability to distribute spam ads to different webpages users visit.  Beyond spamming users, additional concerns have been raised as well.  Express reported,

“…the Chrome plugin has access to almost everything that takes place within users’ web browser – enabling the malware-ridden software to read website content, intercept traffic, record keystrokes, and more.”

The malicious update was available for six hours before it was pulled from the Chrome Web Store.  Since, Pederick has fixed the issue, and has released an updated version of the app.  Therefore, all users of Web Developer are advised to update to the 0.5 version immediately.

 17,797 total views,  1 views today

(Visited 1 times, 1 visits today)

20 thoughts on “Malicious Chrome Extension Impacts Over 1M Users”

  1. I’ve never had anything to do with Google!! I use Bing for any look ups. I just downloaded
    a new browser called “Honey” to get the best prices on amazon, ebay and many others. During the download Honey kept trying to down load Chrome? I did not! Anytime an email with a link to some exciting thing or to I always just place the cursor offer the link and at the bottom you always get a different link. Just delete those phishing mails.

  2. @Holly Bergeim: Which “fascist” are you referring to? If you mean Obama’s administration, then yes, he has imposed a ton of regulations and fostered all kinds of cronyisms between his bureaucrats and donor entities (such as Solyndra and that abomination of ObamaCare Exchange websites built by his incompetent friends and so on and on).
    It cannot be the Trump team because they are defending the “Rule of Law” and Constitutional Protections. You and I WANT and NEED our votes to count. In order for that to happen, we must prevent dishonest people from voting multiple times or stealing ballots from the aged and infirm living in retirement homes, shepherding illegal aliens into the voting booths, falsifying voter registrations using names of dead people in the cemetery, ballot stuffing, hiding ballot boxes from conservative districts, etc, etc, etc.

    1. @Brian Monson: Are you poor poor people still not off your evil evil Obama psychosis? One should think the monstrosity you have now should be teaching how blind the self declared great nation is, but obviously it is the hopeless case nation instead….

  3. I recently did a search for “weather underground” using chrome. The next thing I know an extension downloads and my browser looks completely different. Is this potentially malicious? Haven’t seen anything unusual show up yet but I’m concerned that something downloads like that without my wanting it to.

  4. I just recently change over to chrome, due to problems with edge. I have experienced my email blowing up with nasty unwanted emails for about a week now ! Not being very good on computer, this has been frustrating for me….
    I have pc matic for protection etc. but I’m still receiving these emails ???

    1. Mia, PC Matic does not include email filtering. If anything malicious tried to execute on your machine from those emails PC Matic would stop it, but we do not have access to your email provider to block messages from your inbox.

  5. I have to wonder if anything is safe. Even Firefox can become tainted. Whatever anyone does online is meat for the grill of evil people. And there are uncounted millions of such people.
    The internet has been great, but humanity isn’t grown up enough to use it constructively. Most humans are thieves, of one kind or another. Nothing, not even religion, can make a thief desist.
    This is knowledge I’ve had for years. It is why I never transact financial things online. I never use social media of any kind. I never give out my phone number or address.
    YEARS ago, we all were told that anything you put online can stay there forever. It’s like the old saw about never writing something you wouldn’t want to appear in the newspapers. Actually, when things like this happen online, the results are much worse.
    I would like to call your attention to our new fascist state, because we all know they were demanding complete voter information from all states. It wasn’t legal, but it shows us what they WANT to do. They want info on every citizen, so they can use it against them. Fortunately for them, almost everyone has already self-written a dossier on themselves that the fascists can use. It’s called social media.
    And they WILL use it.

    1. @Holly Bergeim: Some states routinely sell voter registration lists to telemarketers. A practice I abhor but can do nothing about. My question is, if they are selling voter info to the highest bidder, how can they justify denial of same to a federal investigation?

    1. @Willian: I’m not defending Google on this issue because I don’t know anything about this topic. But this kind of uninformed brainless negative commentary is perfect evidence of what’s wrong with our country right now, no-nothings throwing broad nonsensical aspersions (criminal enterprise) out there. No accountability. Lazy analysis.

  6. Google has not responded. It could be because they have their own internal problems, liberal womens’ issues and such!

  7. You can’t rely either on Google doing anything about a malicious Chrome extension, despite having acquired it from their own official Chrome webstore.

    Installing the FullTab Chrome Extension ( subjected my pc to a browser hijack that took me two days to remove & I am still coping with the damage that this harmful extension has caused – it’s disguised adware that initiates redirects & causes popups via

    Yet reporting this to Google not just once but several times via different routes has been met with nothing more than silence on their part.

    The message to me is clear – you can’t trust Google Chrome.

    1. @Logomage:

      I never want chrome on my pc but it is very hard to escape the multitude of ads harassing me to get it now to save my pc from attack!

      mmmm….. I wonder why I dislike it so much?

  8. Bryan Lancaster

    A not too dissimilar thing happened a few weeks/month ago with Social Fixer in the Chrome Web Store.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.