Browser extension poisoning?

[Shane_K]

So there has been some discussion over at Reddit about malware groups approaching extension designers to either affiliate or sell these extensions to them, netting a laundry list of existing users.  Said groups then modify the extensions.  Users have reported all manner of nonsense, from link poisoning and ad injection to botnetting.  

 

Has anyone here heard about or been looking into this?  I did some quick searching and didn't come up with anything similar.

 

Relevant discussions:

http://www.reddit.com/r/technology/comments/1vir7a/chrome_extensions_are_being_bought_out_by_malware/  

http://www.reddit.com/r/IAmA/comments/1vjj51/i_am_one_of_the_developers_of_a_popular_chrome/

[Shane_K]

FYI, a shortlist of known modified extensions for Google chrome:  

 

Add to Feedly
AwesomeNewTabPage
ChromeReload
CrxMouse (supposedly anonymized tracking)
Hola Unblocker
HoverZoom? (FWIW the author denies it)
Neat Bookmarks
ScrollToTopButton
SmoothGestures
Smooth Scroll
Translate Selection
Tweet This Page
Webpage Screenshot Capture
Window Resizer
Youtube Ratings Preview

[Eagleeye]

Another article of interest on this issue is found at the Bluetack Forums.  (Link to article shown below).

 

http://bluetack.co.uk/forums/index.php?showtopic=26026&view=findpost&p=100252

 

Regards,

 

EE