What Happened to JSON Formatter Chrome Extension (Adware Incident)?
The popular 'JSON Formatter' Chrome extension, once lauded for its simplicity, faced a significant 'adware incident' in early 2026. After an apparent change in ownership, the extension began injecting unwanted donation prompts, geolocation tracking, and making calls to third-party ad-related domains, leading to widespread user concern and recommendations for uninstallation. This event highlighted the risks associated with popular browser extensions being sold to new entities.
Quick Answer
The 'JSON Formatter' Chrome Plugin, specifically the version identified by the ID `bcjindcccaagfpapjjmafapmmgkkhgoa`, experienced an 'adware incident' in early 2026. Following an alleged change in developer ownership, the extension was updated to include features that injected donation requests and performed geolocation tracking, prompting strong user backlash and calls for its removal. As of April 2026, the extension remains available on the Chrome Web Store but is widely distrusted, with many developers seeking open-source or built-in browser alternatives.
📊Key Facts
📅Complete Timeline9 events
JSON Formatter gains popularity as a trusted tool
The 'JSON Formatter' Chrome extension, often associated with developer Callum Locke, is a widely popular and trusted tool for formatting JSON data in the browser, known for its open-source nature and lack of tracking.
Broader malicious extension campaigns reported
Reports emerge about malicious browser extension updates via compromised developer accounts, impacting millions of users and highlighting the vulnerability of the Chrome Web Store ecosystem to supply chain attacks.
Web-based JSON formatting tools found leaking secrets
Cybersecurity researchers report that online web-based JSON formatting tools (like JSONFormatter.org and CodeBeautify.org) have been leaking thousands of sensitive credentials and PII for years due to insecure 'Recent Links' features, a separate but related security concern.
A version of 'JSON Formatter' listed with an update
A version of 'JSON Formatter for Google Chrome' (v1.0.1) is listed with an update date, though it's unclear if this is the affected extension or a different one with a similar name.
Affected JSON Formatter extension receives update
The specific 'JSON Formatter' extension (ID `bcjindcccaagfpapjjmafapmmgkkhgoa`) receives an update, which is later identified as the version introducing unwanted features.
Users report adware and tracking in JSON Formatter
Users begin reporting on Reddit that the 'JSON Formatter' Chrome extension has gone closed source and is injecting 'give freely' donation requests and geolocation tracking, prompting immediate concern and calls for uninstallation.
Wes Bos releases 'JSON Alexander' as a trusted alternative
Wes Bos, a well-known web developer, releases 'JSON Alexander' (also called 'George Formats Jason'), a new open-source JSON formatter extension, specifically in response to the adware incident of the popular 'JSON Formatter' plugin, aiming to provide a trustworthy alternative.
Community discussions continue on adware incident
Discussions continue on Hacker News and Reddit about the 'JSON Formatter Chrome Plugin Now Closed and Injecting Adware,' with users expressing frustration and reiterating warnings against its use.
Affected extension remains available but distrusted
As of today, the affected 'JSON Formatter' extension remains available on the Chrome Web Store, but the developer community largely distrusts it and recommends alternatives due to the persistent adware and tracking concerns.
🔍Deep Dive Analysis
The 'JSON Formatter' Chrome extension, a widely used tool for prettifying JSON data in the browser, underwent a significant transformation in early 2026. Users began reporting that the extension, previously known for its clean, open-source nature, had started injecting 'give freely' donation prompts onto various websites, performing geolocation tracking via `maxmind.com`, and communicating with `api.givefreely.com` and `events.givefreely.com/popup`. This behavior was immediately flagged by the developer community as adware or unwanted functionality.
The prevailing theory among users and analysts is that the original developer, Callum Locke (who was associated with the extension in earlier versions), sold the extension to a new entity. This new owner then allegedly introduced the monetization features, including the donation prompts and tracking, without clear disclosure or user consent. The Chrome Web Store listing for the affected extension now shows a different developer email (`reddy.vivaanh@gmail.com`), further supporting the change of ownership hypothesis. This incident is a classic example of a 'supply chain attack' where a trusted piece of software is compromised or sold, and malicious or unwanted features are subsequently introduced through updates.
The primary turning point was the update pushed in late February or early March 2026 that introduced the 'give freely' functionality and tracking. This immediately triggered discussions on platforms like Reddit and Hacker News, where users quickly identified and publicized the unwanted changes. Another significant development was the rapid response from the developer community, leading to the creation and promotion of new, trustworthy alternatives.
The immediate consequence was a severe erosion of trust in the affected 'JSON Formatter' extension. Users were strongly advised to uninstall it due to privacy and security concerns. The incident also sparked broader discussions about the inherent risks of browser extensions, particularly those that are popular and might be attractive targets for acquisition by entities looking to monetize user bases. It highlighted the need for greater scrutiny of extension permissions and the potential for auto-updates to introduce malicious code.
As of April 11, 2026, the 'JSON Formatter' extension (ID `bcjindcccaagfpapjjmafapmmgkkhgoa`) remains available on the Chrome Web Store, with its last update listed as February 26, 2026. However, it is widely considered compromised by the developer community, and many users have uninstalled it. New, open-source alternatives like 'JSON Alexander' by Wes Bos have emerged, specifically created in response to this incident to provide a trusted alternative. Furthermore, this incident has reinforced calls for browser vendors to improve built-in JSON formatting capabilities and for users to be more cautious about the extensions they install and their update policies.
What If...?
Explore alternate histories. What if JSON Formatter Chrome Extension (Adware Incident) made different choices?