Connect with us

Hi, what are you looking for?

Social Media

Fake ad blockers in Google Chrome store fooled 20 million users

It is really unbelievable that an ad blocker could turn out to be malware, but it as apparently true. Andrey Meshkov, the co-founder of ad-blocker AdGuard, recently got curious about the number of knock-off ad blocking extensions available for Google’s popular browser Chrome, according to Vice Motherboard.

Meshkov noticed the extensions were deliberately styled to look like legitimate ad blockers, but he wondered why they existed in the first place. So he downloaded one to take a closer look.

“Basically I downloaded it and checked what requests the extension was making,” Meshkov told Motherboard over the phone. “Some strange requests caught my attention.”

Apparently  being in the top is enough to gain trust of casual users. For instance  take a look at t...

Apparently, being in the top is enough to gain trust of casual users. For instance, take a look at the stats of one of them:
AdGuard


Meskhov noticed almost immediately that the ad blocker downloaded from the Chrome store had code hidden inside an image that had been loaded from a remote command server. He says this gives the creator the ability to change its functions without updating anything.

“Basically, this is a botnet composed of browsers infected with the fake Adblock extensions,” AdGuard wrote in its report, according to Engadget. “The browser will do whatever the command center server owner orders it to do.”

This action is against Google’s policies, and after bMeskhov wrote about his discovery, that included a number of examples that had millions of users, Google removed the fake extensions from their Chrome store.

This is the full list, according to Meskhov.
AdRemover for Google Chrome™ (10M+ users)
uBlock Plus (8M+ users)
Adblock Pro (2M+ users)
HD for YouTube™ (400K+ users)
Webutation (30K+ users)

Meskhov says the fake extensions can be used for a number of dangerous actions, other than collecting personal information and browsing habits. These extensions can alter the appearance of pages, scrape information from the user, or load additional extensions that a user hasn’t installed. All in all, not good.

Yan Zhu, a software engineer who works for the privacy-conscious browser Brave, told Motherboard Google has a history of approving sketchy extensions to its store.

“For instance, the extension could probably man-in-the-middle all the requests coming from your browser, but it can’t, for instance, read your browser’s encrypted password database, because that is not a privilege that extensions can have,” Zhu explained over a Twitter direct message.

Avatar photo
Written By

We are deeply saddened to announce the passing of our dear friend Karen Graham, who served as Editor-at-Large at Digital Journal. She was 78 years old. Karen's view of what is happening in our world was colored by her love of history and how the past influences events taking place today. Her belief in humankind's part in the care of the planet and our environment has led her to focus on the need for action in dealing with climate change. It was said by Geoffrey C. Ward, "Journalism is merely history's first draft." Everyone who writes about what is happening today is indeed, writing a small part of our history.

You may also like:

Tech & Science

Digital Journal announced as official media partner for Innovation Week in Calgary.

Business

Pay attention to these issues, because it could be your neck in the noose.

Tech & Science

Foxconn said it is building the world's largest production plant for US hardware leader Nvidia's GB200 "superchips" that power AI servers.

Tech & Science

Hinton, a big name in artificial intelligence, was awarded the 2024 Nobel Prize.