Google tackles top security complaint among Chrome users

Users say browser settings are being hijacked by malicious code hidden in free downloads

Google is bolstering its defenses against what it says is the number one complaint among Chrome users, the hijacking of browser settings by malicious code hidden in free downloads such as screensavers, games and video plugins.

[Security experts question if Google's Chrome Apps is worth the risk]

The company is enhancing the Chrome feature that enables users to reset their browser settings to their original defaults in order to remove all malicious plugins and apps. Besides providing the reset option, Google will also alert users when browser settings have been changed and provide the option of one-click reset.

"Alerts about when a Chrome plug-in is trying to change browser settings are one important piece of a defense strategy against malware," Stephen Brunetto, director of product management at security vendor Trustwave, said.

Hackers will often try to change browser settings as part of a click-fraud scheme in which the new settings will direct users to search engine pages or a new homepage. The pages typically try to entice visitors to click on links that the attackers will profit from.

Linus Upson, vice president of engineering at Google, said in a blog post that the number of such click-fraud schemes is growing at an "alarming rate."

"Settings hijacking remains our number one user complaint," Upson said.

The alerts, which will appear at the bottom of the browser window, will only be available on Windows PCs. People who choose the reset option will have to go back and reactivate any extensions, apps and themes they had installed. This can be done by going to the Chrome menu and looking under "More tools [is greater than] Extensions."

Also, some hijacking malware are particularly troublesome, in that they are difficult to remove and sometimes return in a short time and change the browser settings again. In those cases, Upson recommends going to the Chrome help forum for more information on how to remove such programs.

The enhancement is part of Google's Safe Browsing feature that flags websites Google has identified as malicious. The feature automatically prevents downloads from those sites. Google says it flags 10,000 new websites everyday.

For businesses and consumers, preventing users from visiting malicious websites is key to defending against phishing attacks, which is when a hacker sends email designed to trick recipients into clicking on a link to a compromised site.

[Google gets kudos for tossing older Chrome plug-in API]

"The most common and effective security threats facing users today are socially engineered malware and phishing attacks," NSS Labs said in its 2013 security analysis of the major browsers, including Chrome, Internet Explorer, Safari, Firefox and Opera.

Google's Safe Browsing is used by Chrome, Firefox and Safari, which all came within four percentage of each other and were the top three browsers in catching malicious websites. Microsoft IE was a distant 13 percentage points behind the leader.

However, browsers are continuously updated, so standings often change from one study to another.

Insider: How a good CSO confronts inevitable bad news
Join the discussion
Be the first to comment on this article. Our Commenting Policies