Amit, a professional blogger from India, sold a very popular Chrome extension recently to an anonymous user. Little did he know that in a month’s time, his extension, used by 30000 plus users will be used as a tool to inject advertisements and affiliate links to websites users visited.
Add to Feedly is an unofficial extension which adds an icon to your Chrome toolbar giving a shortcut to add websites your Feedly account. If you are using this extension, uninstall it right away because this is the villain of our story.
Here is what happened to the extension after the scammer bought it from Amit:
One morning I got an email from someone ( I tried Googling her name but it returned no results ) asking me if I would be interested in selling the Feedly Chrome extension. It was a 4-figure offer for something that had taken an hour to create and I agreed to the deal. I had no clue about the buyer and was also curious to know why would anyone pay this kind of money for such a simple Chrome extension.
The extension was sold, they sent the money via PayPal and I transferred the ownership of the extension to a particular Google Account. It was a smooth transition.
A month later, the new owners of the Feedly extension pushed an update to the Chrome store. No, the update didn’t bring any new features to the table nor contained any bug fixes. Instead, they incorporated advertising into the extension.
These aren’t regular banner ads that you see on web pages, these are invisible ads that work the background and replace links on every website that you visit into affiliate links. In simple English, if the extension is activated in Chrome, it will inject adware into all web pages.
If you are a user, keep an eye out for Chrome extensions like this. Be sure to read at lease a few recent comments on the Chrome Webstore from its users.
If you are a developer, be extra cautious if you get such requests.
Read the complete story here.