The popular Chrome extension The Great Suspender contained malware and was therefore removed from the Chrome Web Store. The Great Suspender paused unused tabs in the browser and forcibly unloaded their resources to free up memory.
This simple tool has gained immense popularity and has been installed over 2,000,000 times.
“With the abrupt removal of The Great Suspender extension, users who had suspended tabs were upset that they could not access them again”, — writes Bleeping Computer.
According to Bleeping Computer, in the summer 2020, the developer of The Great Suspender sold his brainchild to an unknown organization, since he did not have time to support the project.
Even then, many were suspicions about buyers, because someone paid money for a free open source extension that did not bring profit to the developer. The fact is that in the past, such deals have more than once led to the fact that new owners began to spy on users or inject ads into their browsers.
Unfortunately, this time the story seems to be developing in a similar scenario. So, back in October 2020, the new owners of The Great Suspender updated the extension to version 7.1.8, which included scripts that track user behaviour and execute arbitrary code received from a remote server.
“These suspicious changes were quickly noticed by Microsoft experts, after which the extension was removed from the Microsoft Edge Store, and then a new version 7.1.9 was released, already without malware”, – reported Bleeping Computer journalists.
What happened is now anyone’s guess, as last week Google simply declared The Great Suspender to be malicious without giving any reason.
It is unclear whether Google specialists discovered additional malicious scripts to the code or belatedly responded to what happened earlier and the concerns of the community.
Perhaps some users will be comforted by the fact that version 7.1.6 can still be found on GitHub (the last release of the real developer The Great Suspender, which does not contain malicious scripts).
To install an extension, you will need to do so in Chrome developer mode, which is not recommended as it removes the security benefits offered by Google’s extension verification process.
Let me remind you that I also said that Jupyter malware steals data from Chrome browsers.