On the face of it, it seems as if it's the odd rogue. On further investigation, it seems that the problem may be more widespread than just Google.
We should all be on the lookout, and remove our unused extensions if they are being bought for malware injection. In this example, "Add to Feedly" and "Tweet This Page" extensions were removed by Google after they were paid to show adware.
People who install extensions might not be aware that the software can be silently updated to include code that serves ads or reports back browsing habits. Google doesn’t review changes to the code of Chrome extensions, and Chrome allows extensions to be updated and pushed to users’ computers automatically.
There is nothing improper about developers accepting payment for putting ad code into extensions. But the code must adhere to Google’s terms, and users generally get incensed when they find themselves exposed to ads from an unknown source.
Just another reason I trust no extensions in any form from any vendor for any reason. Some may think oh these make it much easier to do this and that but people create these for a reason, and it isn't for their health.
Which accounts for a large number of nasties being served by google to chrome and android devices. They should review AND test every update. After all, they claim (in some cases, at least) to be the world's guardian angel. :(