Google is cracking down on Chrome extensions that inject ads into the browser. This follows over 100,000 complaints since the beginning of 2015 and the internet giant has had enough. Ad-injection is a dirty word, moreso these days since the Superfish debacle with Lenovo that brought the practice to the attention of the world.
Ad-injectors are programmes that either inset ads into sites that don’t have any, or replace existing ads with their own. This presents a problem for both advertisers and site operators, as neither really benefits from the arrangement. The situation is even worse for the users with the ad-injectors installed as it could be used as an additional attack vector for hackers.
These injectors are usually installed without the knowledge of the user, or as part of a software bundle. Google estimates as much as five-percent of its users have ended up with some sort of ad-injector installed. Despite that, the company notes that it will not ban all ad-injectors. Users will still have the choice to download and install injectors that openly declare what they do, and make no attempt at deception.
From now on, Google will display the familiar red warning page to those who visit deceptive Chrome Extensions. It won’t always stop users from walking into these problems, but at least there is some warning to prevent the unsuspecting user from ending up with a boatload of ads onscreen.
Finally, Google will be releasing research on ad-injectors to reveal the scale and scope of the problem. The study, conducted with the University of Berkeley, drew conclusions from over 100 million page views from the major web browsers. It doesn’t look that good, as 34-percent of all Chrome extensions that inject ads were classified as malware. The study is due to be published on 1 May.
[Source: Google, via Ars Technica]
