The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Post

Feedly mini extension may contain malware - be aware

image credit: author

Richard Brooks's picture
Co-Founder and Lead Software Engineer Reliable Energy Analytics LLC

Successful developer of Energy Industry B2B and Cyber security standards at North American Energy Standards Board (NAESB) (www.naesb.org) since 1995; ANSI Meritorious Service Award Recipient;...

  • Member since 2018
  • 1,064 items added with 430,279 views

I received this notification from a colleague in my cybersecurity network:

On or about Friday evening (May 7, 2021) Edge notified me that the Feedly Mini extension (one of the only extensions I use as extensions are dangerous things) was remove from the store due to "malware".

Feedly is used by many newshounds, and with 2021 being a very bad year when it comes to supply-chain attacks, seeing a notice about malware in a very popular Chrome extension is more than a little distressing.

Your access to Member Features is limited.

I'm posting this blog to get the word "malware" associated with "Feedly" so they are compelled to make some sort of statement. I'll update it with more information as it is provided.

 

Discussions

Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.
Bob Meinetz's picture
Bob Meinetz on May 9, 2021

Thanks Richard. Interesting in 2021 that the best data security information comes from sources that we inherently trust - and that trust is the product of our subjective evaluations of people we've never met in person.

I've never understood why anyone would use Chrome or Gmail, the products of a company that mercilessly gathers personal information and sells it to the highest bidder. Granted, it's debatable whether privacy hasn't been a myth for years. But I have to believe handing our browsing/search history, our personal contacts (and our correspondence with them), even the usernames and passwords of our financial accounts, will have implications we haven't yet begun to imagine. None of them, good.

Petr Pinkas's picture
Petr Pinkas on May 10, 2021

Hello Richard, we're sorry, there was something wrong during the Google review of the extension, not our fault, "Feedly" word was recognized as suspicious, thus the whole malware thing. We're on it.

Richard Brooks's picture
Richard Brooks on May 10, 2021

Petr, thanks for keeping us updated.

Matt Chester's picture
Matt Chester on May 10, 2021

one of the only extensions I use as extensions are dangerous things

I have to admit I'm one who more or less freely uses extensions without considering security implications. You mention you used this one-- is there a reason you see some as more secure than others? How should the common user go about deciding to use an extension vs. not? 

Richard Brooks's picture
Richard Brooks on May 10, 2021

Matt, those words were copied from a colleague's email. I only use browser extensions from Mozilla. Not that this guarantees security - but at least I'm containing my risk to one party, that seems to be on top of their patching process.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »