I have always recommended downloading your browser extensions and mobile apps from the official web app stores provided by Google, Apple and Mozilla.
After all, they do take great pains to ensure that the extensions and apps they allow into their repositories are safe and malware-free.
I still recommend that you limit your downloads to those official repositories, but I need to tell you about a disturbing trend that’s taking place right now.
Google, Apple and Mozilla do a great job at preventing malicious extensions and apps from being approved and placed in their repositories, but some downloads that were safe previously have now gone to the dark side and morphed into malware. And the problem is getting worse by the day.
Some of those “good apps gone bad” are being altered by hackers without the knowledge or consent of their original creators, but others are being altered by the creators themselves.
What happens is they’ll submit a truly useful (and safe) app to a repository, then change the app after it becomes popular to cause it to start delivering malware, steal user information or perform some other malicious act.
Still other legitimate extensions and apps are sold to a new owner who will quietly modify the code in a malicious way.
What all of this means is you could well be using a browser extension or mobile app right now that was completely safe when you installed it but is now doing mischief on your computer, smartphone or tablet.
This really hits close to home for me. I’m always testing and reviewing new browser extensions and mobile apps and recommending the ones I find interesting and useful.
Unfortunately, several of the products I’ve recommended over the years ultimately moved to the dark side. That’s why we all need to watch out for “good apps that have gone bad”.
Now I’m not going to suggest that you immediately go and remove every extension and app you’ve installed on your machines. That would be over-kill.
What I do suggest is that you take a few minutes to quickly review of each of your installed extensions and apps to determine if any problems have been reported by others. There are a couple of ways to do this, and I recommend that you do both:
1 – Type the name of the extension or app (followed by the word “extension” or ‘app” as appropriate) into Google and then click the “News” link. If that extension or app has gone to the dark side there just might be news reports about the change.
2 – If nothing bad shows up with the Google search, visit the download page for the extension or app in the appropriate web or app store to see if the latest reviews contain negative comments about the download spreading malware or performing any other dirty tricks.
If there’s any indication at all that an app or extension might be misbehaving I recommend that you remove it from your device.
It would probably be a good idea to repeat these quick reviews of your apps and extensions about once per month.
It’s also wise to limit the number of apps and extensions you use to the ones you truly need and use on a regular basis. After all, every piece of software that’s installed on your device will make it run a little slower and provide another potential avenue of attack for hackers and scammers.
Bottom line: Just because a browser extension starts out legit doesn’t mean it will always stay that way.
Bonus tip #1: Click here to read about several other scams that are making the rounds right now.
Bonus tip #2: Want to make sure you never miss one of my tips? Click here to join my Rick’s Tech Tips Facebook Group!
Do you have a tech question of your own for Rick? Click here and send it in!
If you found this post useful, would you mind helping me out by sharing it? Just click one of the handy social media sharing buttons below.