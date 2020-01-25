The Google security team has suspended publishing or updating commercial Chrome extensions in the official Chrome Web Store indefinitely after a peak in the number of paid extensions involved in fraudulent transactions.

Google said the wave of fraudulent transactions began earlier this month. Google engineers described the fraudulent transactions as “to scale.”

The prohibition on publishing or updating affects all paid extensions. This includes Chrome extensions that require a fee to be paid before installation, extensions that work on a monthly basis or Chrome extensions that use one-time in-app purchases to access various features.

Existing commercial extensions can still be downloaded from the official Chrome Web Store, but extension developers cannot push new updates.

“This is a temporary measure designed to stop this influx because we are looking for long-term solutions to address the broader pattern of abuse,” said Simeon Vincent, Developer Advocate for Chrome extensions at Google.

Extension developers who try to publish a new paid Chrome extension or provide a new update for their commercial extensions are currently receiving an automatic message with the text: “Spam and placement in the store.”

Some major name extensions have been affected by this ban, including Dashlane password management and the Comeet meeting scheduler app.

The decision to prohibit publishing or updating the Chrome extension was formally announced late Friday, January 24. However, Jeff Johson, the creator of the StopTheMadness Chrome extension, has been telling ZDNet for days that Google has been tacitly blocking updates for paid Chrome extensions for days [1, 2, 3, 4, 5].

It is unclear how long the ban will last.

“We are working to resolve this as quickly as possible, but we currently have no resolution timeline,” said Vincent. “Sorry for the inconvenience.”