What Happened to JSON Formatter Chrome Extension (Adware Incident)?
The popular 'JSON Formatter' Chrome extension, originally an open-source project by Callum Locke, transitioned to a closed-source, commercial model around late 2025/early 2026. Shortly after, in March 2026, users began reporting that the extension was injecting adware into checkout pages and performing geolocation tracking, leading to widespread warnings and uninstallation recommendations within the developer community. The extension remains available on the Chrome Web Store as of April 2026, despite these reports.
Quick Answer
The 'JSON Formatter' Chrome extension, a long-standing tool for developers, became the subject of an adware incident in early 2026. Following a shift from its original open-source development to a closed-source commercial model, users reported that the extension began injecting unwanted advertisements on e-commerce sites and engaging in geolocation tracking. As of April 11, 2026, the extension is still listed on the Chrome Web Store, but the developer community is actively warning users to uninstall it due to its malicious behavior.
📊Key Facts
📅Complete Timeline10 events
JSON Formatter Extension Created
Callum Locke creates and open-sources the 'JSON Formatter' Chrome extension, which quickly gains popularity among developers for its utility in prettifying JSON responses.
Developer's Public Pledge
Callum Locke publicly states his commitment to not adding data-sending code or selling the 'JSON Formatter' extension to malicious parties, building user trust.
Online JSONFormatter.org Data Leak (Separate Incident)
Cybersecurity researchers identify a major data leak from online tools like JSONFormatter.org and CodeBeautify.org, where users inadvertently exposed sensitive credentials by pasting them into the public 'Recent Links' feature. This is a separate incident from the Chrome extension adware.
Reports on Online Tool Leaks Published
The Hacker News and other security outlets publish detailed reports on the widespread credential leaks from online JSON formatting websites, emphasizing the risks of pasting sensitive data into such tools.
GitHub Repo Archived and Commercial Shift Announced
Callum Locke archives the open-source GitHub repository for 'JSON Formatter,' announcing his intention to move to a closed-source, commercial model for future development and releasing 'JSON Formatter Classic' as a static open-source alternative.
Chrome Extension Updated (v0.10.0)
The 'JSON Formatter' Chrome extension is updated to version 0.10.0 on the Chrome Web Store, including new language about supporting a 'mission' through partner stores, which later becomes associated with adware.
Adware and Tracking First Reported on Reddit
Users on Reddit begin reporting suspicious activity from the 'JSON Formatter' extension, specifically noting the presence of a 'give-freely-root' element injecting adware and geolocation tracking.
Extension Goes Closed Source
Around this time, the 'JSON Formatter' Chrome extension officially transitions to a closed-source model, coinciding with the initial reports of adware injection.
Hacker News Post Gains Traction
A Hacker News post titled 'JSON formatter Chrome plugin now closed and injecting adware' gains significant attention, further disseminating warnings about the compromised extension.
Extension Remains on Chrome Web Store
As of today, the 'JSON Formatter' Chrome extension (version 0.10.0) is still available on the Chrome Web Store, despite widespread reports and community warnings regarding its adware and tracking functionalities.
🔍Deep Dive Analysis
The 'JSON Formatter' Chrome extension, initially created and maintained by Callum Locke for over a decade, was a widely used open-source tool with millions of users, designed to prettify JSON responses in the browser. Locke had publicly pledged against incorporating data-sending code or selling the extension to parties who would compromise user privacy.
However, a significant shift occurred around late 2025. Callum Locke archived the open-source GitHub repository for 'JSON Formatter,' announcing a move towards a closed-source, commercial model to develop a more comprehensive API-browsing tool with premium features. He also released 'JSON Formatter Classic' as a simple, open-source, local-only alternative that would no longer receive updates.
The 'JSON Formatter' extension, under its new commercial guise or ownership, received an update to version 0.10.0 on February 26, 2026. This version included language about supporting a 'mission' through shopping at partner stores, a mechanism consistent with adware.
By March 2026, users began to detect suspicious activity. Reports emerged on platforms like Reddit and Hacker News detailing the injection of an element named 'give-freely-root-bcjindcccaagfpapjjmafapmmgkkhgoa' into checkout pages, effectively injecting adware. Furthermore, the extension was found to be performing geolocation tracking by querying maxmind.com, although it was unclear if this data was being exfiltrated. The community quickly identified the 'givefreely.com' domain as central to the adware operation.
The incident sparked considerable concern within the developer community, leading to widespread calls for users to uninstall the compromised extension. Many expressed frustration over the perceived betrayal of trust, especially given the original developer's prior assurances. As of April 11, 2026, the 'JSON Formatter' extension remains available on the Chrome Web Store, despite the ongoing reports and warnings regarding its adware and tracking functionalities. This incident highlights the inherent risks associated with browser extensions, particularly when ownership or development models change, and the challenges of maintaining trust in a dynamic digital ecosystem.
What If...?
Explore alternate histories. What if JSON Formatter Chrome Extension (Adware Incident) made different choices?