I have Kaspersky Security as antivirus and have the Hubspot Sales Chrome Extension on Windows 10. This morning Kaspersky identified a few Javascript files as Trojans. Poking around, it looks like these files belong to the Hubspot Sales Extension (path C:\Users\{my_user}\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiaigjnkhngdbnoookogelabohpglmd\2.9.0.6826_1\js\init, the files are background.js, gmail.js, Background.js, and Gmail.js). According to the Chrome web store, the extension (link HubSpot Sales - Chrome Web Store (google.com)) was updated yesterday to version 2.9.0.6826. Given the timing, it seems likely that there was something in this update that caused the extension to be flagged as a Trojan, but it also seems possible that this is a legitmate virus. Is anyone else running into this? Can someone else who has the chrome extension on Windows confirm that they also have these files? Is there a better place to post this issue? Thanks
We had this issue also. Here is the explanation from HubSpot support:
Google changed their requirement for Chrome extension to Manifest 3, and non-Manifest 3 extensions will be turned off at the beginning of next year. Because of this, at the beginning of this week,our team made some changes as one of the first steps to convert the chrome extension to Google's required Manifest 3 version.As part of that requirement,an extension cannot download additional components as needed as a partial install, butmust install the entire extension as one package.
Due to this, our extension went from being a 2MB install to a 22 MB install, and this pinged Kaspersky as a problem.Having such a huge change in file size was flagged by Kaspersky as a reason to believe that the extension had added malware, which isn't the case.
HubSpot support said they were working with Kaspersky to clear up the confusion.
As of this morning, Kaspersky no longer flags the HubSpot Sales Chrome extension as malware. There is no longer any need to add a folder scan exclusion in Kaspersky (allowlisting).
I know that Kaspersky flagging the Hubspot Sales Chrome Extension after an update could be a false alarm because of the changes in the extension's size and structure.
But, to be safe, you should run a full scan. If you’re worried about malware, this malware removal guide could help. It's a good resource from an IT security expert to check for any harmful stuff on your system.
We had this issue also. Here is the explanation from HubSpot support:
Google changed their requirement for Chrome extension to Manifest 3, and non-Manifest 3 extensions will be turned off at the beginning of next year. Because of this, at the beginning of this week,our team made some changes as one of the first steps to convert the chrome extension to Google's required Manifest 3 version.As part of that requirement,an extension cannot download additional components as needed as a partial install, butmust install the entire extension as one package.
Due to this, our extension went from being a 2MB install to a 22 MB install, and this pinged Kaspersky as a problem.Having such a huge change in file size was flagged by Kaspersky as a reason to believe that the extension had added malware, which isn't the case.
HubSpot support said they were working with Kaspersky to clear up the confusion.
As of this morning, Kaspersky no longer flags the HubSpot Sales Chrome extension as malware. There is no longer any need to add a folder scan exclusion in Kaspersky (allowlisting).
We are also having the same issue with Kaspersky flagging HubSpot Sales 2.9.0.6826 chrome extension as malware/virus HEUR:Trojan.Script.Generic Trojan.Script.Generic.4!c
In particular it appears background.js and gmail.js are the files in the extension which is being flagged.
Kaspersky deletes the file(s) to disinfect it thus rendering the extension unusable/corrupt by chrome. The moment chrome loads again to fix the corruption, the extension is re-downloaded from the chrome web store and the process repeats itself.
Ok good to know that others are seeing it too. Someone else I know also ran into the same issue (running Windows 10, Kaspersky, and Hubspot extension). I assume it can be allowlisted from File Anti-Virus in Kaspersky (haven't tried though because I deleted the extension.)
Hi @salesguy2 I'm on a mac, so I'm not sure where to see the js files associated with the extension, but I have the latest version and I don't have any trojan viruses...☠️
If my reply answered your question please mark it as a solution to make it easier for others to find.