Users of the SafeBrowse extension for Chrome started noticing heavy CPU usage and PC slowdowns after updating to version 3.2.25. The extension claims to protect users by disabling ads that cover the entire screen and bypassing interstitial ads used by URL redirectors such as Adfly and Linkbucks. However, the latest update seems to include a feature that would qualify as malware on its own.
The extension is effectively acting as malware, turning PCs into zombies that are part of a giant worldwide botnet. While there might not be any malicious intent, users are unwittingly suffering while someone else makes money.
SafeBrowse now appears to have been taken down from the Chrome Web Store, as searches now lead to a 404 error page but Google still caches the original page, which shows that the extension had over 140,000 users as of September 19. The SafeBrowse team has responded to the controversy claiming that it has not released any updates for several months and this must be the work of a third-party hacker. Version 3.2.1 is the last updated listed on the official website. If true, this opens up the possibility of other Chrome extensions being used as vectors to infect millions of PCs worldwide despite Google’s best efforts.
Users who have SafeBrowse installed can get rid of it by going to the Extensions page which is found under More Tools in the Chrome menu, or by right-clicking its icon next to the address bar and selecting Remove from Chrome.