Bad Piggies, the latest game in the Angry Birds franchise, has become the biggest download in both the Apple App Store and Google Play. One place this popular title is missing is online. Rovio decided not to create a Chrome Store version of the game or an online playable version. If you were to take a look in the Chrome store, however, and not pay any attention to detail, you would have no idea because of the dozen or so impostors.
While impostor software is a problem in general, especially in the open app stores (Google Play and Chrome in particular), these pose an even bigger problem. According to Barracuda Networks, these fake titles all contain malware and have, as of now, affected upwards of 100,000 Chrome users. Once infected, the user's browser will display ads in places where they are not intended to be, and certainly not provided by the content producers whose page they appear on.
Hit the break for information on the malware and how you can prevent it on your computer.
Jason Ding from Barracuda Networks said about the malware,
Special code in the plug-in checks to see if the page originates with Yahoo and if so, inserts its own ad from playook.info. The plug-in authors can acquire all the web data when users browse the Internet with Chrome and then misuse users information, such as stealing and selling user email addresses and online credit card information.
Because of the Google Chrome Web Store's submission policies, an initial $5 fee followed by free app listings, it is easy for anyone to publish malicious code for any gullible user to install onto their computers. Unlike the Android store, which has been plagued by its own series of app security disaster, people store actual data on their computers. Easily installed malicious code can cause a lot more damage on a computer than on a phone or tablet. Google's lazy attitude normally only creates inconveniences, but if left unchecked, this one can cause a lot of damage.
Obviously there is only one way to prevent getting the malware - don't install infected software. My overall recommendation to prevent attacks like this is to not install any software from the Google Chrome Web Store until Google changes its policy on software approval, or the lack thereof. Only if people stand up for their own safety will Google do the right thing because, come on, when does Google ever do the right thing until they are backed into a corner, right?