Chrome Extensions Exploit Keyword Manipulation Loophole
Recent investigations by Wladimir Palant reveal that many Chrome Web Store extensions exploit a loophole to manipulate search rankings by using misleading descriptions and irrelevant keywords. This tactic clutters search results with unrelated or dubious extensions, leaving legitimate ones buried under unrelated listings.
The manipulation hinges on Chrome Web Store's multilingual support. Developers can specify localized descriptions for their extensions in any of Chrome's 55 supported languages. Some exploit this by cramming less-used language fields—like Swahili or Estonian—with keywords targeting competitors or popular terms. These keywords then affect search results globally, even in unrelated languages like English.
For instance, a search for “Norton Password Manager” initially displayed unrelated extensions at the top, such as VPNs and discount finders, with the legitimate Norton extension buried last.
Although Google's policy explicitly prohibits spam and abuse, enforcement has been lax. Some of these abuses were reported as early as 2023, and Google has made some adjustments, yet the problems persist.
