Posted on 04/04/2016 5:16:04 PM PDT by markomalley
Google has intervened and banned the Better History Chrome extension from the Chrome Web Store after users reported that it started taking over their browsing experience and redirecting them to pages showing ads.
First signs that something was wrong appeared when users updated from version 3.9.7 to 3.9.8 after they were prompted for an extra permission to "Read and change all your data on the websites you visit."
Soon after that, users started reporting that when they clicked on an HTTP link inside a page, they would be redirected through the lnkr.us service to their desired destination, which in 50% of all cases would also open an extra page showing various types of ads. This allowed the author to monetize his extension, but also to collect analytics on users, which he could later sell to online advertisers.Author sold Better History to another company two months ago
Users reported this happening since March 23, 2016. Confronted by angry users on the extension's GitHub repo, the extension's original author revealed that he sold the extension to an unnamed company two months ago, since version 3.9.5.
Better History, in its original version, was a Chrome extension that added extra filters to the user's Chrome History section to make it easier to view and find pages accessed in the past (screenshot below).
As it was later discovered, the extension's new owners stopped adding changes to the extension's GitHub repository, making it look to everyone like the extension never changed, but they secretly added malicious code ever since they bought the add-on.
One of the things they introduced was a new script called "common.js," which installs a proxy extension on the user's browser, used to redirect Chrome traffic.Malicious code might be present in other extensions
Reddit user Scarazer says that this malicious code can also be found in other Google Chrome extensions such as Chrome Currency Converter, Web Timer, User-Agent Switcher, Better History, 4chan Plus, and Hide My Adblocker.
Soon after the revelations about Better History came out, users bound together and reported the extension as malware to Google's staff, who eventually removed it from their store.
From the other extensions suspected of malicious behavior, at the time of writing, only the User-Agent Switcher extension has been taken down.
You can see the extensions you have installed by:
Strange. I’ve never used Chrome, but in the past couple of weeks when I’ve accessed Google I’ve spotted a black banner at the top that says I’m not running the latest version of Chrome and need to update. I just kill the banner.
Tonight, I tried several times to access FreeRepublic. The only thing that would appear was one of those pages listing ads like you described and the page indicated it was coming from TWC.
I finally logged off, shut down and rebooted. Ran my defrag and then tried again and FR came up just fine.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.