Google Chrome to Use Machine Learning to Protect Users From Malicious Extensions

Google has introduced a new method to detect confusing and deceptive browser extensions on Chrome. In the next few weeks, Google will start using machine learning as an expansion of abuse protection to reduce harm to Chrome users. The search giant will upgrade its automated inline installation abuse detection features to find out malicious extensions.

The search giant already has an extension-level protection but it will now incorporate machine learning to look at each inline installation request for bad signals in ads and webpages. Once Chrome detects the signals, it will selectively disable the request and redirect users to the extension page on the Web Store. This will ensure that inline installation of the extension from non-deceptive sources is not affected.

In 2011, Google had introduced inline installation to enable users to easily install extensions from developers’ websites. Earlier, when a user visited a particular website they had to navigate away in order to download an app or extension. However, after Google Chrome 15, users did not have to leave the site. But, the mechanism has been abused by attackers to trick users into downloading malicious extensions.According to this error message, the computer has been infected with a type of “Pornographic malware”. It is also stated that personal information (logins/passwords, etc.) is at risk, and that closing the pop-up will disable access to the computer. It goes on to say that the malware must be eliminated and victims are encouraged to contact Google’s ‘tech support

In the year 2015, Google had started to disable inline installations in Chrome in cases of misleading or deceptive install flows. As a result, Google says, “User complaints have been reduced by 65 percent since the start of this disabling initiative. Fewer than 3 percent of extensions still engage in these deceptive or confusing install flows.”Google Chrome Warning Alert” is a fake error message displayed by a malicious website that users often visit inadvertently – they are redirected by various potentially unwanted programs (PUPs) that infiltrate systems without consent. As well as causing redirects, PUPs deliver intrusive advertisements and continually record various user-system information.

However, Google added that these few extensions generate 90 percent more user complaints on an average than the remaining extensions on the Chrome Web Store. The automated enforcement system is in place to be responsive to user feedback, Google says.

Google has posted some FAQs to help developers understand the new policy. The company has said that the expanded protections will roll out starting in a few weeks.

You may also like