Advertisement
Advertisement

Google removes 200 rogue Superfish-style browser extensions: here's how you can avoid them

Michael Passingham
8 Apr 2015
Advertisement

New research suggests millions of web users are infected with ad-injecting add-ons, so we show you how to check you're clean

More than 5% of web users have been infected with potentially unwanted, Superfish-style "ad injectors", according to research from Google and the University of California. According to the BBC, Google has removed almost 200 extensions from the Chrome web store for failing to disclose that they inject these extra ads into pages.

In a post on the Google Online Security blog at the end of March, Google software engineer Nav Jagpal explained that users who thought they were installing free, useful browser extensions were also unwittingly also adding unwanted extra advertising to all the pages they visit online.

Further reading: Lenovo Superfish adware – what is it, what does it do and how do you get rid of it?

The research, which looked specifically at visitors to Google-owned websites, found that more than 5% of people had at least one unwanted ad injector installed, with nearly a third of those having at least four ad injectors installed.

Ad injectors come from a variety of sources, including free software downloads, browser extensions and even from software installed on your laptop when you bought it. While not always malicious, they slow down the loading of web pages and will clutter up otherwise relatively clean web pages with advertising you probably don't want to see.

How to remove extensions from your browser

If you suspect that your web browser has fallen victim to a dodgy extension, the best way to troubleshoot is to disable all extensions and re-enable them one-by-one.

In Google Chrome (below, left), this can be done by clicking the menu (three horizontal lines) button, and selecting More Tools > Extensions. In Mozilla Firefox, (middle), click the menu button and select Add-Ons and then Extensions. In Internet Explorer (right), click the gear icon and select Manage Add-ons.

Chrome, Firefox and IE extension menus

From here in each of the browsers listed above you can manage your extensions. Disable all of them to begin with and then enable one at a time, visiting a few websites to check whether the ads have reappeared. When you've pinpointed the extension that's causing problems, uninstall it from the menus described above.

It's also worth checking your other extensions for what permissions they have. Some seemingly simple add-ons can have some fairly lengthy permissions that allow them to do a lot more than you think.

Google Chrome extension permissions

In the Chrome Extensions menu you can click Details on each extension to see what it's allowed to do. Internet Explorer and Firefox don't give quite so much information about permissions, so the best way to combat rogue add-ons is to only install those that come recommended by the browser, such as in Mozilla's Featured Add-Ons section.

Take this opportunity to clear out extensions you don't really need. If you're having performance issues when browsing the web, an add-on is likely to blame, so it's worth taking the time to see which ones are slowing you down.

Of course, not all malware takes the form of browser extensions. Indeed, the Superfish software that caused Lenovo so many problems earlier this year was a separate piece of software. You should run a virus scan on your PC if you're unable to find the source of dodgy extra advertising. If you don't have virus protection, check out our list of the best internet security software for 2015.

Read more

News