Do you use the Chrome extension “Save image as Type?”
If so, you are one of more than one million users who woke up this morning to find out that Google has disabled the extension in your Chrome web browser. Why? According to the prompt informing users that the extension has been disabled, Chrome found that Save image as Type contained malware.
The extension has also been removed from the Chrome Web Store.
Save image as Type was a simple yet popular tool that allowed Chrome users to simply right-click any web image and immediately choose whether to save it as a PNG, JPG, or WebP file.
It’s unclear at this time exactly what nefarious activity the Save image as Type Chrome extension was engaged in. As Android Authority points out, a few Reddit threads popped up over the last few days discussing issues with the extension.
Mashable Light Speed
3 new Google Chrome features to make your work day easier
It does seem like “Save image as Type” users don’t have to worry about any of their sensitive data being stolen by the extension. According to Reddit users who looked into the extension’s code, it appears Save image as Type swapped out affiliate codes for sites like Amazon and Best Buy to steal commissions from its users.
“I dumped the data the extension stored and found the sites it was accessing,” said Redditor AdamConwayIE. “It was using karmanow with over 578 sites ready to go. It would load a site in that hidden iFrame with the affiliate code, and this would replace an existing one in your browser.”
The same extension on the Microsoft Edge browser was flagged for similar behavior more than a year ago on Reddit as well. According to XDA Developers, the Chrome extension appears to have been documented as having the issue for just as long, despite Google previously featuring it on the Chrome Web Store.
An archived page for the since-removed Chrome extension shows that “Save image as Type” had more than one million users. The extension also received more than 1,700 reviews, and had a rating of 4.2 out of 5 stars.
We’ll see if Google allows it back in the Chrome Web Store if the issue is fixed.
Topics
Cybersecurity
Google
