软餐获悉,一位 Google 的软件开发人员发布了一个 Chrome 扩展程序,它可以在扩展的所有者发生变化时向用户发出警告。如果扩展的所有者信息发生变化,这枚名为”Under New Management” 的扩展(主页)图标旁将显示一个红色警告标志。开发者称,该扩展每小时检查一次 Chrome Web Store 中已安装扩展的开发者信息是否有变化。也就是说,只有 Chrome Web Store 上的所有者信息更新,用户才会收到通知。开发者同时还在开发 Firefox 版本。
历史上经常发生浏览器扩展易主导致的攻击事件。被第三方收购后,新的所有者可能向扩展添加恶意代码/跟踪器以攻击或跟踪用户。例如被出售的知名扩展 The Great Suspender。
A software developer at Google has released a Chrome extension that alerts users when there is a change in the ownership of the extension. If there is a change in the extension’s ownership information, a red warning sign will be displayed next to the extension icon called “Under New Management.” The developer stated that the extension checks the developer information of installed extensions in the Chrome Web Store every hour for any changes. In other words, users will only receive a notification if there is an update to the ownership information on the Chrome Web Store. The developer is also working on a Firefox version of the extension.
In the past, there have been incidents of attacks related to changes in ownership of browser extensions. After being acquired by a third party, the new owner may add malicious code/trackers to the extension to attack or track users. For example, the well-known extension “The Great Suspender” that was sold.