Web Developer Google Chrome extension

The developer of a very popular Google Chrome extension has regained access over his tool after an unknown hacker had managed to hijack his developer account and push a malicious version that contained adware.

The extension's name is Web Developer, a tool developed by Chris Pederick, Director of Engineering at Bleacher Report. The extension overlays a popup with various debug tools that developers can use when building or editing their websites.

Extension developer fell for a phishing email

According to Pederick, on August 2, he fell for a phishing email that allowed an unknown hacker to take over his Google developer account.

The hacker used this access to insert malicious code inside the Web Developer extension and push out an update (v0.4.9) to the extension's one-million-strong userbase.

The update inserted ads inside sites users were visiting. The malicious update was live only a few hours, as Google engineers intervened and took down the extension.

Developer releases clean version. Update to v0.5!

Late in the evening, on the same day, Google reactivated the extension after Pederick regained access over the developer account and released Web Developer version 0.5 that removed the adware code.

Pederick also runs Firefox and Opera versions of the same extensions. These were not affected.

The developer did not respond to a request for comment from Bleeping Computer in time for this article's publication. [UPDATE: Pederick has told Bleeping Computer he decided to publish a blog post detailing a timeline of events.]

Over the weekend, someone compromised another Chrome extension in the same way. The owners of Copyfish — on OCR extension for Google Chrome — also fell for a phishing email and someone took over their developer account. The hijackers did the same thing and used the developers' account to push a malicious update that inserted ads on the websites Copyfish users were trying to view.

Related Articles:

Malwarebytes Browser Extension Blocks Malware, Scams, Ads, & Trackers

Google's Removing the file:// Scheme from Chrome's Address Bar

Chrome 69 Shows the WWW & M Subdomains Again, but It’s Only Temporary

Windows 10 Test Halts Competing Browser Installs, Suggests Edge Instead

BEC Scammer To Serve Five Years And Pay $2.5 Million