As the creator of several popular Chrome extensions, once you reach about 10,000 installs people will start contacting you to acquire the extension. In particular, I created a native ad detector that was briefly popular[1]. In my experience, acquirers will go after extensions that have permissions to modify any page.
My extensions were open source and had no clear path to monetization, so I can only speculate on how the purchasers planned to recoup their investments. The permissions in these extensions would allow them to inject ads or even collect credentials, etc.
Not saying that the top extension developer does this, but people are definitely making money by collecting innocuous Chrome extensions!
Recently someone has contacted me to publish a dummy Chrome extension with broad permissions, which they would have updated with their code. After declining, they have offered $20k for the job.
It was interesting to see this strategy, they are trying to implicate people to create publisher accounts for them, verified with credit cards that cannot be traced back to them and do not look suspicious. Though the money they have offered seemed too much for the job, I guess they are also trying to hook developers and convince them to do other stuff down the road.
I do get plenty of purchase and monetization offers, some of which I have shared in a blog post [1], but this was a trick I have never encountered before.
SimilarWeb and Jumpshot acquire extensions so they can gather data on the websites you visit. They then sell this data to other companies for marketing/intelligence purposes. I hope Google can close this loophole soon (anyone from Google listening? dustballs)
Chrome extensions are such a massive vector for unwittingly giving away all of your data. The fact that they're near impossible to monetize combined with the fact that people click through the permissions screen so easily makes it a prime target for scraping people's data.
"they're near impossible to monetize "... I would not say so. => Our UI (test) automation/RPA software consists of a totally free open-source extension for web automation plus a paid cross-platform binary file that adds additional desktop automation features. It communicates with the extension itself via native messaging.
The add-on module is available in a limited free and paid fully featured version. It is the classical freemium model, which works well for both, the extension creators and the users.
Search Encrypt is malware[0], and it's install base are generally not consensual users. I've seen it around for a very long time, and Google isn't doing anything about it.
New Tab-hijacking extensions are incredibly pervasive in the Chrome Web Store, and often installed via malicious websites which use arrows and audio cues to demand a user click the "Install" button Chrome pops up in order to resume web browsing.
Yea, the title refers to the author that is prolific by installs (FreeAddon), rather than the author that is prolific by extensions (Chrome HD Themes).
Chrome HD Themes has over 6k published extensions!
If I had a browser that had the content-filtering power of uBlock Origin (uncrippled) built-in but, to avoid conflict of interest, relied solely on the community to build filters, I wouldn't even need extension support.
I like having 1password. And the ability to impersonate other User-Agent strings for broken webpages. Tampermonkey doesn't hurt. And camelcamelcamel... and Stravistix...
Yeah, I kind of like the ability to install extensions for use cases the developer doesn't and can't think of themselves.
They say the list is the most popular extensions by category. RES is in the productivity category and presumably was omitted in favor of the 10 extensions in that category with 10M+ users. And productivity is the largest category so there are probably dozens more in the gap between 10M+ and 2.2M.
[+] [-] typpo|6 years ago|reply
My extensions were open source and had no clear path to monetization, so I can only speculate on how the purchasers planned to recoup their investments. The permissions in these extensions would allow them to inject ads or even collect credentials, etc.
Not saying that the top extension developer does this, but people are definitely making money by collecting innocuous Chrome extensions!
[1] https://www.ianww.com/ad-detector/
[+] [-] dessant|6 years ago|reply
It was interesting to see this strategy, they are trying to implicate people to create publisher accounts for them, verified with credit cards that cannot be traced back to them and do not look suspicious. Though the money they have offered seemed too much for the job, I guess they are also trying to hook developers and convince them to do other stuff down the road.
I do get plenty of purchase and monetization offers, some of which I have shared in a blog post [1], but this was a trick I have never encountered before.
[1] https://armin.dev/blog/2019/08/supporting-browser-extension-...
[+] [-] AznHisoka|6 years ago|reply
[+] [-] wnevets|6 years ago|reply
[+] [-] ajhurliman|6 years ago|reply
[+] [-] a9t9|6 years ago|reply
The add-on module is available in a limited free and paid fully featured version. It is the classical freemium model, which works well for both, the extension creators and the users.
https://ui.vision/x/pricing
[+] [-] egfx|6 years ago|reply
[+] [-] eternalny1|6 years ago|reply
But, you get the benefit of "SSL encryption".
The other features (don't save your search) just seem to make it a bad version of DuckDuckGo.
[+] [-] ocdtrekkie|6 years ago|reply
New Tab-hijacking extensions are incredibly pervasive in the Chrome Web Store, and often installed via malicious websites which use arrows and audio cues to demand a user click the "Install" button Chrome pops up in order to resume web browsing.
MapsGalaxy is another particularly pervasive malware offering: https://chrome.google.com/webstore/detail/mapsgalaxy/ijjnmdp... (Just adding this one here in case someone from Google sees this comment and can nuke both from orbit.)
[0] https://blog.malwarebytes.com/detections/rogue-searchencrypt... and any search result should give you some idea: https://duckduckgo.com/?q=search+encrypt&t=ffab&ia=web
[+] [-] nbar1|6 years ago|reply
Original comment: That "developer" is Chrome HD Themes and the extensions are themes.
[+] [-] flysonic10|6 years ago|reply
[+] [-] flysonic10|6 years ago|reply
Chrome HD Themes has over 6k published extensions!
[+] [-] kgwxd|6 years ago|reply
[+] [-] loeg|6 years ago|reply
Yeah, I kind of like the ability to install extensions for use cases the developer doesn't and can't think of themselves.
[+] [-] ummonk|6 years ago|reply
[+] [-] amelius|6 years ago|reply
[+] [-] flysonic10|6 years ago|reply
[+] [-] flysonic10|6 years ago|reply
- The most popular category is “Productivity” accounting for ~40k extensions and 676M installs
- Google itself authors 155 extensions accounting for ~133M installs
[+] [-] warent|6 years ago|reply
[+] [-] stanislavb|6 years ago|reply
If you are interested, it might be helpful to you. It's contributing to the winning "Productivity" category. It lets you see the competitors of almost any software product. Contextually. https://chrome.google.com/webstore/detail/alternative-to-by-...
[+] [-] phit_|6 years ago|reply
[+] [-] Mathnerd314|6 years ago|reply
[+] [-] flysonic10|6 years ago|reply
[+] [-] point78|6 years ago|reply
[+] [-] flysonic10|6 years ago|reply
[+] [-] Ftuuky|6 years ago|reply
[+] [-] flysonic10|6 years ago|reply
[+] [-] crispyporkbites|6 years ago|reply
[deleted]
[+] [-] unknown|6 years ago|reply
[deleted]