Google is cracking down on ad-injecting extensions for its Chrome browser after finding that almost 200 of them exposed millions of users to deceptive practices or malicious software.
More than a third of Chrome extensions that inject ads were recently classified as malware in a study that Google researchers carried out with colleagues from the University of California at Berkeley. The Researchers uncovered 192 deceptive Chrome extensions that affected 14 million users. Google officials have since killed those extensions and incorporated new techniques to catch any new or updated extensions that carry out similar abuses.
The study also found widespread use of ad injectors for multiple browsers on both Windows and OS X computers. More than five percent of people visiting Google sites have at least one ad injector installed Within that group, half have at least two injectors installed, and nearly one-third have at least four installed. Google officials don't bar such ad injectors outright, but they do place restrictions on them. Terms of service for Chrome extensions, for instance, require that the ad-injecting behavior be clearly disclosed. Customers of DoubleClick and other Google-operated ads services must also comply with policies barring unwanted software.