Google guns down nasty Chrome extensions

Chrome extensions can now only be installed via the Chrome Web Store after people complained that dodgy apps were crippling the browser.

Malicious Chrome extensions can change settings, install adware and run malicious plugins, which can be a major security and privacy risk.

Google has said it is finally cracking down on rogue apps by blocking their installation. The company first announced its intention to take action in November last year.

From now on Chrome extensions can only be installed if they are hosted on the Chrome Web Store. The change will only affect Windows users with some previously installed extensions automatically disabled.

Malicious Chrome extensions have been wreaking havoc, with little to no oversight provided by Google. Some popular extensions have been sold on by their original developers to dodgy companies. These firms then change their code to coat web pages in adverts in an attempt to make money from unwitting users.

“Malware can change how browsers work by silently installing extensions on your machine that do things like inject ads or track your browsing activity,” explained Erik Kay, engineering director at Google.

App developers currently hosting their extensions outside of the Chrome Web Store will need to move it with users required to reinstall any old extensions that have been disabled.

So-called browser overrides that replace new tab pages and home pages are the leading cause of complaints against Chrome from Windows users.

Google said that allowing extensions to install from outside the Chrome Web Store made it “difficult to limit the damage they can cause”.