Last week we reported on vendors purchasing extensions from their authors and then using them to infect users with malware. As I assumed in that article, Google has moved quickly, removing at least two Chrome extensions from the Chrome Web Store. Add to Feedly and Tweet This Page were the two examples used in the original Ars Technica report on extensions whose user base was being used as a ready-made attack vector. In the wake of this revelation, several other Chrome extension owners have come forward saying they had been offered money for their extensions, and as we suspected, the problem is a bit bigger than just a couple of extensions being turned into malware.

Google isn't your only line of defense when it comes to bad extensions: tools are beginning to pop up on the Chrome Web Store to help fight malicious extensions. Extshield is an early example that uses a known blacklist of bad extensions and keeps them from being installed on your machine. Extshield doesn't have heuristic support for real-time scans yet, but this and a community-supported extension tracker are in the works. When it's complete, the tool will also be able to keep track of changes made to the extensions installed on your machine. This and other alternatives may be viable solutions until Google changes its extension policy. The good news is that this trend of buying extensions and injecting malware/adware into them has Google's attention now. If you have any suggestions for malware-fighting extensions, please let us know in the comments below.
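The two checks described above, a blocklist lookup and tracking changes to installed extensions, can be sketched as an offline audit of a Chrome profile's `Extensions/<id>/<version>/manifest.json` files. This is an added example, not Extshield's code; the extension IDs, blocklist and before/after snapshots are constructed placeholders.

```python
import json
import tempfile
from pathlib import Path

BLOCKLIST = {"b" * 32}  # constructed placeholder ID, not a real extension

def _ver(v):
    return tuple(int(p) for p in v.split(".") if p.isdigit())

def inventory(ext_root):
    """Return {extension_id: (version, permissions)} for the newest version of each."""
    found = {}
    for mf in Path(ext_root).glob("*/*/manifest.json"):
        data = json.loads(mf.read_text(encoding="utf-8"))
        perms = {p for p in data.get("permissions", []) if isinstance(p, str)}
        for cs in data.get("content_scripts", []):
            perms.update(cs.get("matches", []))  # hosts a script is injected into
        ext_id, version = mf.parent.parent.name, data.get("version", "0")
        if ext_id not in found or _ver(version) > _ver(found[ext_id][0]):
            found[ext_id] = (version, perms)
    return found

def audit(baseline, current, blocklist=BLOCKLIST):
    """Flag blocklisted IDs and permissions gained since the baseline snapshot."""
    findings = []
    for ext_id, (version, perms) in sorted(current.items()):
        if ext_id in blocklist:
            findings.append((ext_id, "blocklisted", version))
        gained = perms - baseline.get(ext_id, (None, perms))[1]  # new installs: empty
        if gained:
            findings.append((ext_id, "new-permissions", sorted(gained)))
    return findings

def _write(root, ext_id, version, permissions, matches=()):
    d = Path(root) / ext_id / (version + "_0")
    d.mkdir(parents=True)
    manifest = {"version": version, "permissions": permissions,
                "content_scripts": [{"matches": list(matches)}]}
    (d / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")

def demo():
    """Constructed snapshots: one extension gains <all_urls> in an update."""
    with tempfile.TemporaryDirectory() as before, tempfile.TemporaryDirectory() as after:
        _write(before, "a" * 32, "1.0", ["tabs"])
        _write(after, "a" * 32, "1.1", ["tabs"], matches=["<all_urls>"])
        _write(after, "b" * 32, "2.0", [])
        return audit(inventory(before), inventory(after))

if __name__ == "__main__":
    print(demo())
```

An update that adds broad host access to a previously narrow extension is the signal worth reviewing after an ownership change, even when the ID is not yet on any blocklist.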