Web Developer Google Chrome extension

The developer of a very popular Google Chrome extension has regained access over his tool after an unknown hacker had managed to hijack his developer account and push a malicious version that contained adware.

The extension's name is Web Developer, a tool developed by Chris Pederick, Director of Engineering at Bleacher Report. The extension overlays a popup with various debug tools that developers can use when building or editing their websites.

Extension developer fell for a phishing email

According to Pederick, on August 2, he fell for a phishing email that allowed an unknown hacker to take over his Google developer account.

The hacker used this access to insert malicious code inside the Web Developer extension and push out an update (v0.4.9) to the extension's one-million-strong userbase.

The update inserted ads inside sites users were visiting. The malicious update was live only a few hours, as Google engineers intervened and took down the extension.

Developer releases clean version. Update to v0.5!

Late in the evening, on the same day, Google reactivated the extension after Pederick regained access over the developer account and released Web Developer version 0.5 that removed the adware code.

Pederick also runs Firefox and Opera versions of the same extensions. These were not affected.

The developer did not respond to a request for comment from Bleeping Computer in time for this article's publication. [UPDATE: Pederick has told Bleeping Computer he decided to publish a blog post detailing a timeline of events.]

Over the weekend, someone compromised another Chrome extension in the same way. The owners of Copyfish — on OCR extension for Google Chrome — also fell for a phishing email and someone took over their developer account. The hijackers did the same thing and used the developers' account to push a malicious update that inserted ads on the websites Copyfish users were trying to view.

Related Articles:

Google Adds New Rules To End Malicious Chrome Extensions

Speech Synthesis API Being Restricted in Chrome 71 Due to Abuse

Russian Banks Under Phishing Attack

Internal Chrome Page Shows All Google Interstitial Warnings

Chrome 71 Will Warn Users about Deceptive Mobile Billing Pages