Repair Centre Location:

Motherwell | North Lanarkshire

TTG Phone Number:

01698 533212

Customer Service Email:

cs@thetechguys.site

Tag Archive

The Great Suspender Chrome extension's fall from grace

The Great Suspender Chrome extension’s fall from grace

Google has forcibly uninstalled the immensely popular ‘The Great Suspender’ extension from Google Chrome and classified it as malware.

The Great Suspender is a Chrome extension that will suspend unused tabs and unload its resources to decrease the browser’s memory usage. When a user is ready to use the tab again, they simply had to click it on to make it visible.

This extension was immensely popular with over 2,000,000 users and has consistently been a recommended extension due to its ability to reduce Chrome’s memory usage.

When Google removed it on Thursday, users were left with a message stating that “This extension contains malware,” but not providing any further context on how to recover their suspended tabs or why they removed it.

The Great Suspender Chrome extension's fall from grace

With the abrupt removal of The Great Suspender extension, users who had suspended tabs were upset that they could not access them again.

It is possible to see a list of suspended tabs through Chrome’s built-in History feature and use that list to recover the URL of the suspended web page.

Instructions on how to do this, as well as other methods, can be found on this support page.



The Great Suspender’s fall from grace

In June 2020, the developer of The Great Suspender sold the extension to an unknown entity as he did not have the time to properly maintain the project.

At the time, users were suspicious of the sale was suspicious as to why someone would purchase a free open-source extension that did not generate any revenue for the developer.

As free extensions have been purchased in the past and then monetized with malicious changes, such as injecting ads or stealing information, users were concerned the same would happen with The Great Suspender.

Unfortunately, the user’s concerns were justified when the new maintainer updated the extension in October 2020 to release version 7.1.8, which included scripts that tracked the user’s behaviour and executed code retrieved from a remote server.

This malicious activity led to Microsoft removing the Microsoft Edge Store extension and a new 7.1.9 version to be released without the malicious scripts.

The extension, though, continued to remain in the hands of these unknown developers, who could introduce malicious code at a later date, potentially without users’ noticing.

On Thursday, Google pulled the Chrome Web Store extension as malware but has not provided any reason for doing so. It is not clear if Google discovered additional malicious scripts or reacted to its history and the community’s concerns.

For those who truly want to use The Great Suspender extension, the GitHub project page continues to offer version 7.1.6, which is the final release of the extension when owned by the original developer and does not contain malicious scripts.

To install the extension, you will need to do so through Chrome’s developer mode, which is not recommended as it removes the security benefits offered by Google’s extension review process.

Google Shares More Details About Trailblazing Attacks On Android And Windows Devices

Google shares more details about trailblazing attacks on Android and Windows devices


Google shares more details about trailblazing attacks on Android and Windows devices



Advice from Google once again highlights the importance of keeping all your devices updated


Google has published an extensive report about a sophisticated attack that targeted both 
Android
 and Windows devices.


The report is part of a series of blog posts dubbed “In-the-Wild” that are produced jointly by Google’s zero-day bug-hunting team, Project Zero, together with the Google Threat Analysis Group (TAG).


The investigation found that devices lacking the latest security updates were once again easy prey to hackers.




Complex and well-engineered


The 

first post

 shares extensive details about the attack that Google got wind of in early 2020.


the attacks were carried out using two exploit servers, each of whom used a different exploit chain to compromise potential targets, via what is known as 

watering hole attacks

. While one server targeted Windows users, the other focused on Android. 


The post also reveals that both exploit servers used 

vulnerabilities in Google Chrome

 to compromise the victim’s browser, before deploying an OS-level exploit to gain more control over the device. 


After analyzing the well-engineered and complex exploit chains that used innovative exploitation methods, for months, security researchers at the search engine believe that they are the work of a team of experts. 


Given the nature of the attacks, Google believes the attackers had access to Android zero-day exploits, although they couldn’t find any of the exploit servers. In any case, the researchers report that both Google and Microsoft soon
released patches to fix the vulnerabilities, once knowledge of the attack came to light.


“We hope that by sharing this information publicly, we are continuing to close the knowledge gap between private exploitation (what well-resourced exploitation teams are doing in the real world) and what is publicly known,” conclude the
researchers.