Overview
- Google disabled and delisted the extension after flagging it as unsafe malware in Chrome.
- The add-on had more than one million users who used it to save images as PNG, JPG, or WebP.
- Analyses by XDA Developers and Reddit investigators found code in inject.js that contacted a server, opened hidden iFrames, and replaced affiliate tags on hundreds of sites, reportedly 578.
- Developer metadata shows a change of ownership in late 2024 or 2025, consistent with a bait-and-switch of a once-legitimate utility.
- Microsoft’s Edge store removed the same extension about a year earlier, and security guidance urges users to uninstall it and clear cookies or site data, with vetted alternatives such as Save Image As PNG available.