Online criminals have been increasing their use of malicious software that can silently hijack browser settings; and Google said this has become a top issue in the Chrome help forums.
In the Canary build of Chrome, any malware Google detects will be flagged and blocked. Users will see a notification message in the download tray at the bottom of their screen, at which point they can click “Dismiss” to clear the alert.
Laying out the standard malware M.O., the company explained what it looks to block: “Bad guys trick you into installing and running this kind of software by bundling it with something you might want, like a free screensaver, a video plugin or – ironically – a supposed security update,” said Linus Upson, Google vice president, in a blog. “These malicious programs disguise themselves so you won’t know they’re there, and they may change your homepage or inject ads into the sites you browse. Worse, they block your ability to change your settings back and make themselves hard to uninstall, keeping you trapped in an undesired state.”
Upson didn’t specify how Google is identifying malicious downloads, or what signature libraries it cross-references.
Other security enhancements include the ability to "reset browser settings" with a button added in the “Advanced Settings” section of last Chrome update, so users can return the browser to a factory-fresh state. And, Google noted that it already flags 10,000 new websites per day with its “Safe Browsing” functionality, which also detects and blocks malicious downloads.
“In some ways, it's safer than ever to be online – especially if you use Chrome,” Upson said. “With continued security research and seamless automatic updates, your browsing experience is always getting better and more secure. Keeping you secure is a top priority, which is why we’re working on additional means to stop malicious software installs as well.”