Popular Chrome Extension 'Save Image as Type' Flagged as Malware

Google has officially disabled the widely used Save Image as Type Chrome extension, flagging it as malware for over a million users. The tool, popular for converting WebP images, was caught using hidden iframes to execute a malicious cookie-stuffing operation. This development is a critical alert for anyone who relies on browser utilities to manage daily web tasks.

For years, users struggling to save WebP images as standard JPEGs or PNGs relied on this extension to bypass native browser limitations. However, convenience has quickly turned into a security risk, with Google sending users a blunt warning that the extension is unsafe. The prompt explicitly advises users to remove the tool so it can no longer see or change personal data on visited websites.

According to recent investigations, the warning stems from a malicious affiliate tracking scheme. The extension reportedly utilized hidden iframes to perform cookie stuffing, planting affiliate tracking markers in users' browsers. Similar to past accusations leveled against the Honey extension, this tactic allowed the developers to fraudulently claim financial credit for online sales they had no part in facilitating.

If you have recently utilized this extension, simply uninstalling it is not enough to secure your browser. The only definitive way to purge these hidden tracking markers is to clear your browsing data, specifically targeting all cookies and other site data. For those needing a secure replacement, Save Image As PNG currently appears to be a safe and functional alternative.

The downfall of Save Image as Type highlights a growing and insidious trend in the browser extension ecosystem. Malicious actors frequently target highly popular, single-purpose utility tools - either by acquiring them from the original developers or pushing compromised updates - to monetize massive user bases. Because this extension had over a million active users, the scale of the affiliate fraud was likely substantial before Google intervened.

Why was the Save Image as Type extension disabled?
Google flagged the extension as malware because it used hidden iframes to plant affiliate tracking cookies in users' browsers without their consent.

How do I fix my browser if I used this malicious extension?
You must immediately remove the extension from Chrome and clear your browsing data, specifically ensuring that you delete all cookies and site data to remove the tracking markers.

What is a safe alternative for saving WebP images?
Currently, the extension Save Image As PNG is recommended as a secure alternative available on the Chrome Web Store.