New Update Nano Adblocker and Nano Defender to change ownership

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Unlimited access to all your browsing data. All you can eat data access.

Should you really be trusting *any* extension that has this much access.

Time to reevaluate *all* your existing extensions/add ons, FOSS or not.
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,506
I wonder how many less-savvy users still have these extensions installed? Must be tens of thousands at least.
I don't know how it is with other browsers but like @insanity posted they are now disabled on Google Chrome.
I wonder for example on Edge it is possible to install extension from another (Google Chrome) store, will they also get disabled?
That could be a case for only using the browsers own extension store.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
F

ForgottenSeer 85179

I don't know how it is with other browsers but like @insanity posted they are now disabled on Google Chrome.
I wonder for example on Edge it is possible to install extension from another (Google Chrome) store, will they also get disabled?
That could be a case for only using the browsers own extension store.
this need to be allowed manually first. The average user doesn't even know the switch so i think that the risk on Edge is less as that kind of users know already about the problem with that extension.
 

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,712
Good that Google disabled those extensions, because now some suspicious/malware activity seems to have taken place:


From Ars Technica:

I would like to emphasize this part of an article there

"please stop harassing both developers. eSolutions Nordic AB and Hugo Xu have expressed (privately and publicly) that they deeply regret these transactions, and that they never meant to sell their users into this infection. Both parties take pride in their work, which has now been violated by someone who would take advantage of them and the community they’ve built for nefarious purposes."

I hope they are able to get pass this.
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
I would like to emphasize this part of an article there

"please stop harassing both developers. eSolutions Nordic AB and Hugo Xu have expressed (privately and publicly) that they deeply regret these transactions, and that they never meant to sell their users into this infection. Both parties take pride in their work, which has now been violated by someone who would take advantage of them and the community they’ve built for nefarious purposes."

I hope they are able to get pass this.

OKay in general I am not in favor of harassing people, but to be honest, anyone with a tiny bit of customer care would have actively informed their user data base about the ownership transfer in time (with a decent lead time). So I can understand the angry feelings of some of their users. After all the developers got paid (for code they copied 95% of GorHill) and gave their users an infection as reward.
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,815
anyone with a tiny bit of customer care would have actively informed their user data base about the ownership transfer
The issue is there's no real way for extension developers to contact their entire userbase.
The only way I can think of is to add a display notifications permission to the extension and then use that to communicate the ownership change. (I'm ignorant of the restrictions placed on extensions so I don't know whether this kind of mass notification would be allowed or not.)

Regardless, while I agree the developers don't deserve to be harassed, they do deserve to be criticized. What they did was irresponsible and demonstrated either an ignorance of the risks selling their extensions could pose, and/or a complete disregard for their users' safety.
 
Last edited:

jacemace

Level 1
Apr 17, 2014
10
Thank you to Gandalf_The_Grey for posting the information about user agent switcher (I had known previously about the nano extensions situation).
I had user agent switcher in a browser, and have now uninstalled it. Thank also for posting the links about infected extensions.

Because of this, I have now decided to add all my extensions in chrome browsers via load unpacked. To do this I will download the crx and put the file in a zip archive - unzip the extension into a folder and on the extensions tab turn on developer mode - and then add the unzipped files through the load unpacked button. If I want to update, I will download and inspect the latest crx, and load it as unpacked.

I have decided to do this after reading the link you posted "Help for Users Impacted by Infected Extensions" - where the writer explained that fraudulent malware operators have been posing as anonymous new developers asking to purchase the rights to the extensions. Then they update it and put in malicious payload codes, and add the update to the chrome web store - and then chrome automatically updates the extension with the malware in it - without any user knowledge or input.

So, as stated, from now on I will only add extensions through the load unpacked button - and manually install new updates after inspecting the updated crx file added to the chrome web store - although this process will take longer.

A side note - some chrome browsers do not auto update extensions - iridium is one of them.


Thanks again.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top