FYI: There are thousands of Chrome extensions with so, so many fake installations to trick you into using them

Unethical developers drum up bogus user counts to gain trust


Efforts to manipulate installation counts in Chrome Web Store extension listings appear to be alive and well, despite a developer's personal crusade to call attention to the problem.

Julio Marin Torres has been highlighting suspiciously popular Chrome extensions since January in posts to the Chromium Extensions forum, trying to get Googler to enforce their store policies.

In an email to The Register, he said Google has taken some action since his initial posts on the subject, but the problem has only gotten worse since then. "Something has to change," he said. "I think this hurts the entire Chrome Store developer and user community."

There are still thousands of extensions in the Chrome Web Store that artificially inflate their user count statistics, to make store visitors more inclined to believe the extensions are widely used and trustworthy.

What happens after installation of one of these over-hyped extensions may just be a deluge of ads for users. For example, the AdBlocker for YouTube extension injects a JavaScript file for every webpage visited once installed. The code looks like it's a scaffold for showing ads.

Google Chrome logo

Better late than never... Google Chrome to kill off 'tiny' number of mobile web ads that gobble battery, CPU power

READ MORE

But Torres suggests there's a risk this code could later be updated after the extension is widely installed to do something more nefarious. Torres has been gathering Chrome Web Store data and crunching the numbers to identify sudden surges in popularity.

A list he posted on May 17 includes more than 80 Chrome extensions that purport to have massive numbers of users and yet have few if any user reviews. For example, the Fortnite New Tab & Wallpapers Collection has over a million users and not a single person has bothered to post a review.

In another post over the weekend, he identified the top 10 extensions with the most fake installations in the past 24 hours. In a day, the Naruto Wallpaper HD Custom New Tab gained over 223,000 users, an increase of more than 800 per cent.

Other developers who have looked at the data say they've seen the same thing. The assumption is that unethical developers are spinning up virtual machines to download the extensions, to make them appear to be more popular in Chrome Web Store stats.

Torres said his efforts may be a lost cause because the abuse has been going on for so long, but his complaints haven't gone unnoticed. Several individuals – based in Russia to judge by the presence of Russian words in their forum replies yet sporting names that are common in the US – have tried to discourage him from speaking out by suggesting it's a waste of time to call attention to the problem.

"I see that most extensions or accounts with fraudulent installs come from developers from Russia," he wrote.

Torres said the buying and selling fake users involves bad developers, companies, crime groups, and bot farms, especially in China, India, and Russia. He provided The Register with a screenshot of a chat, see below, with an individual going by the name "Aleksey" offering fake installations for a monthly fee.

Other extension developers participating in the discussion have thanked Torres, noting that it's odd to criticize efforts to improve the Chrome Web Store unless you're part of the problem.

"From another perspective it adds insult to injury so to speak... seeing as how a lot of us 'legit' extension authors are struggling from week to week to get legitimate updates approved in this bizarrely broken review process while at the same time seeing so many fraudulent or simply 'spammy' extensions get through / staying published.... super demotivating…," an individual posting under the name SoerenM wrote on Wednesday.

"In the end I think that the Chrome Web Store does not take good care of its developers and forgets the most important thing: the users," said Torres.

Google did not immediately respond to a request for comment. ®


Other stories you might like

  • Twitter founder Dorsey beats hasty retweet from the board
    We'll see you around the Block

    Twitter has officially entered the post-Dorsey age: its founder and two-time CEO's board term expired Wednesday, marking the first time the social media company hasn't had him around in some capacity.

    Jack Dorsey announced his resignation as Twitter chief exec in November 2021, and passed the baton to Parag Agrawal while remaining on the board. Now that board term has ended, and Dorsey has stepped down as expected. Agrawal has taken Dorsey's board seat; Salesforce co-CEO Bret Taylor has assumed the role of Twitter's board chair. 

    In his resignation announcement, Dorsey – who co-founded and is CEO of Block (formerly Square) – said having founders leading the companies they created can be severely limiting for an organization and can serve as a single point of failure. "I believe it's critical a company can stand on its own, free of its founder's influence or direction," Dorsey said. He didn't respond to a request for further comment today. 

    Continue reading
  • Snowflake stock drops as some top customers cut usage
    You might say its valuation is melting away

    IPO darling Snowflake's share price took a beating in an already bearish market for tech stocks after filing weaker than expected financial guidance amid a slowdown in orders from some of its largest customers.

    For its first quarter of fiscal 2023, ended April 30, Snowflake's revenue grew 85 percent year-on-year to $422.4 million. The company made an operating loss of $188.8 million, albeit down from $205.6 million a year ago.

    Although surpassing revenue expectations, the cloud-based data warehousing business saw its valuation tumble 16 percent in extended trading on Wednesday. Its stock price dived from $133 apiece to $117 in after-hours trading, and today is cruising back at $127. That stumble arrived amid a general tech stock sell-off some observers said was overdue.

    Continue reading
  • Amazon investors nuke proposed ethics overhaul and say yes to $212m CEO pay
    Workplace safety, labor organizing, sustainability and, um, wage 'fairness' all struck down in vote

    Amazon CEO Andy Jassy's first shareholder meeting was a rousing success for Amazon leadership and Jassy's bank account. But for activist investors intent on making Amazon more open and transparent, it was nothing short of a disaster.

    While actual voting results haven't been released yet, Amazon general counsel David Zapolsky told Reuters that stock owners voted down fifteen shareholder resolutions addressing topics including workplace safety, labor organizing, sustainability, and pay fairness. Amazon's board recommended voting no on all of the proposals.

    Jassy and the board scored additional victories in the form of shareholder approval for board appointments, executive compensation and a 20-for-1 stock split. Jassy's executive compensation package, which is tied to Amazon stock price and mostly delivered as stock awards over a multi-year period, was $212 million in 2021. 

    Continue reading

Biting the hand that feeds IT © 1998–2022