Google Chrome to alert users as malicious extensions are added

In the Chrome browser, Google is testing a new feature that will alert users when an installed extension has been deleted from the Chrome Web Store, which is typically a sign that it contains malware. The Chrome Web Store is constantly updated with unwanted browser add-ons that are marketed through pop-up and redirect advertising. These extensions are produced by swindling businesses and threat actors who employ them to inject adverts, monitor users' search histories, reroute them to affiliate websites, or, in more extreme situations, steal Gmail emails and Facebook accounts.

As a result, Google has expanded its Safety Check function to include browser extensions. This tool alerts Chrome users when an extension has been found to be malicious or has been withdrawn from the store, and recommends that they delete it from the browser. 

This feature will go live in Chrome 117, but users can now test it in Chrome 116 by enabling the browser's experimental 'Extensions Module in Safety Check' feature. To enable the feature, simply copy the Chrome URL, 'chrome://flags/#safety-check-extensions', into the address bar and press enter. Users will be brought to the Chrome Flags page with the 'Extensions Module in Safety Check' feature highlighted. Now set it to enabled and restart the browser when prompted to enable the feature. 

Once enabled, a new option will appear under the 'Privacy and security' settings page that prompts users to review any extensions removed from the Chrome Web Store. Clicking this link will bring to the extension page, listing the removed extensions and why they were removed and prompting users to uninstall them. 

Google says that extensions can be removed from the Chrome Web Store because they were unpublished by the developer, violated policies, or were detected as malware. For extensions detected as malware, it is strongly advised that users remove them immediately to not only protect their data but also to prevent their computers from facing future attacks. For those that are removed for other reasons, it is advised that users remove them as well, as they are no longer supported or break other policies that are not strictly malware but are not necessarily helpful.