2 min read

Better History Chrome extension goes rogue, hijacks browsers and displays ads


April 05, 2016

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Better History Chrome extension goes rogue, hijacks browsers and displays ads

A third-party Chrome extension, supposed to make management of your browsing history simpler, has been kicked out of the Chrome web store after users accused it of hijacking their browsing, fiddling with links and opening webpages displaying ads.


The Better History extension has been banned by Google, after users began to raise concerns that its behaviour had changed in recent weeks.

The first indication that something was afoot was when commenters on the project’s GitHub page noticed that the extension was requesting more permissions – namely to “Read and change all your data on the websites you visit” – and that the version available on the Chrome Web store was being updated, without updates being made to the code in the GitHub repository.

In other words, the extension was being changed to include more functionality – but it was tricky for typical users to identify what had been changed, and why.

Fortunately, some users were inquisitive and closely examined the new version of the Better History extension, discovering that it was redirecting clicks on HTTP links so that in 50% of the time it would display an additional webpage containing money-making ads. It was also possible for whoever was behind the extension to gather information on users and their online behaviour.

Other extensions were also named as sharing similar code – Chrome Currency Converter, Web Timer, User-Agent Switcher, 4chan Plus, and Hide My Adblocker.

With the level of concern raised, Better History and User-Agent History have been removed from the Chrome web store, and it’s possible that other extensions exhibiting the same behaviour will suffer the same fate.


As Softpedia reports, the extension’s original author Roy Kolak revealed that he had sold Better History “a month or two ago” to its new owners who had made the changes.


Kolak went on to apologise for not informing users that the extension’s ownership had changed hands, and said he would email the user mailing list (which had not been sold) to tell them that the extension had been compromised.

The message is clear – you have to exercise caution about the browser extensions you load just as you would do with the software you install on your PC. Carefully consider the permissions that a browser extension requests, and if you are not comfortable – refuse them.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like