ONLY download addons/extensions that come from that function in the browser, not via email or similar ways. Malware Masquerading as Google Chrome Extension PC Magazine Larry Seltzer - PC Magazine Larry Seltzer - Pc Magazine â Mon Apr 19, 2:03 pm ET BitDefender's Malware City blog is warning users about what it considers to be the first case of malware spreading via a fake Google Chrome extension. The threat cycle begins with an e-mail advertising a new extension that "will help you to better organize your documents received in your e-mail." The e-mail includes a link that leads to a fake Google Chrome extensions page. This page presents a link not to an extension (which has a .crx file extension) but to a Trojan horse program with a .exe file extension. The Trojan modifies the Windows HOSTS file to block access to Yahoo's and Google's pages. They are instead redirected to fake versions of those sites. BitDefender identifies the threat as Trojan.Agent.20577. It's important to note that Google and Chrome really play no role in this threat.