280 million Google Chrome users downloaded malware infected browser extensions: 9 ways to protect yourself

The research team, including Sheryl Hsu, Manda Tran and Aurore Fass of Stanford University, downloaded and examined the codes of approximately 1.25 lakh extensions available on the Google Chrome Web Store, trying to find security-noteworthy extensions (SNEs), Business Insider wrote.

These are the type of extensions that either violate the web store policies or contain malware.

Out of approximately 346 million users who had downloaded these types of extensions during the nearly three year period between July 2020 and February 2023, 280 million of these downloads involved extensions with malware, according to the report.

However, Google itself claimed this is not the case. Less than 1% of all installs from the Chrome Web Store, numbering to 250,000 were found to include malware in 2024, Google had written in its blog post on June 20, 2024.

Google Chrome currently is the most popular browser worldwide, with a market share of 65.12%, according to Statcounter data.

How to protect yourself from malware through extensions?

These are some of the ways you can protect yourself from malware attacks through extensions, according to Google’s blog post:

1. Review new extensions. Verified and featured badges are awarded by the Chrome team to extensions that follow the best technical practices.
2. Look at ratings and reviews from users.
3. Look at privacy practices, including information about how an extension handles your data.
4. Be careful of sites that try to quickly persuade you to install extensions, especially if the site has little in common with the extension.
5. Review extensions you’ve already installed.
6. Uninstall extensions that you no longer use.
7. Compare an extension’s stated goals with the permissions requested and the privacy practices published by the extension.
8. Limit the sites an extension has permission to work on.
9. Enable Enhanced Protection in the Chrome browser.