This is dirty. Hackers are uploading malicious Chrome extensions to the official Google Chrome Web Store in hopes of tricking people to download them. Once downloaded, the extensions have the ability to completely hijack Facebook accounts.
Even worse, those malicious Facebook-jacking extensions are advertised on Facebook! The ads claim that it’s possible to change the colour of your Facebook profile page, track profile pages and presumably add unicorns and vajazzling to it too. Of course, some unsuspecting tween might fall for it, get re-directed to the official Chrome Web Store page and assume all extensions are safe because they’re on the official Google page. Unfortunately, they’re not. The extension will hijack your Facebook account, spam your friends about this new extension, and then Like pages without you knowing. It’s a dirty process done by people who sell Likes to companies.
So the next time you’re downloading a Chrome extension, be wary. One of the dirty extensions was actually labelled Adobe Flash Player too, so you have to double and triple check everything you put onto your browser. [Secure List via Computer World]