Skip to main content

“Better History” Google Chrome Extension Might Be Redirecting Your Browser

By April 15, 2016May 26th, 2021Blog, Technology News

your_google_chrome_extension_might_be_redirecting_your_browsingIf you use Google Chrome, you might have the “Better History” extension installed. If you do, and you’ve upgraded it recently, you’ve probably seen a large influx of advertising on your screen. Yes, you guessed it, hackers have found yet another avenue of attack, this time, co-opting browser extensions.

In this particular case, the browser extension was legitimate, and actually served a useful function, enabling users who installed it to organize and track the pages they visit, so they could more easily get back to a page they’d visited sometime earlier.

Unfortunately, the person who initially developed the extension sold it to an unnamed party. That party modified the extension itself, but did not modify the files on the GitHub repository, making it appear that the extension was unchanged.

One of the scripts added was called “common.js” which intercepted a user-entered URL, redirecting to a page filled with advertising, for which the extension’s new owners received compensation. In addition to that, the page users were redirected to allow unwilling visitors to be tracked further, providing valuable information to the extension’s new owners, which could be sold/traded/etc.

The user community has complained loudly about the issue, and since then, the Better History extension has been removed from circulation. Unfortunately, the damage does not stop there. Reddit user “Scarazer” reports that the same code (“common.js”) can be found on numerous other Chrome extension, including 4chan Plus, Chrome Currency Converter, Hide My Adblocker, User-Agent Switcher, and Web Timer, indicating that the same “acquire and modify” strategy may have been more widely used than initially thought.

What’s particularly disturbing about this line of attack is the fact that most people don’t give a second thought to the installation of browser extensions, which add a variety of useful, and often essential functionality to the core program. Now, however, it appears that even these are not safe. If you have noticed a higher number of ads or have been redirected to sites you did not intend to visit, you may want to get your computer checked for these extensions or other types of infections. Feel free to reach out to our team to schedule a thorough check and cleanup.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.