Connect with us

Hi, what are you looking for?

Social Media

Fake ad blockers in Google Chrome store fooled 20 million users

It is really unbelievable that an ad blocker could turn out to be malware, but it as apparently true. Andrey Meshkov, the co-founder of ad-blocker AdGuard, recently got curious about the number of knock-off ad blocking extensions available for Google’s popular browser Chrome, according to Vice Motherboard.

Meshkov noticed the extensions were deliberately styled to look like legitimate ad blockers, but he wondered why they existed in the first place. So he downloaded one to take a closer look.

“Basically I downloaded it and checked what requests the extension was making,” Meshkov told Motherboard over the phone. “Some strange requests caught my attention.”

Apparently  being in the top is enough to gain trust of casual users. For instance  take a look at t...

Apparently, being in the top is enough to gain trust of casual users. For instance, take a look at the stats of one of them:

Meskhov noticed almost immediately that the ad blocker downloaded from the Chrome store had code hidden inside an image that had been loaded from a remote command server. He says this gives the creator the ability to change its functions without updating anything.

“Basically, this is a botnet composed of browsers infected with the fake Adblock extensions,” AdGuard wrote in its report, according to Engadget. “The browser will do whatever the command center server owner orders it to do.”

This action is against Google’s policies, and after bMeskhov wrote about his discovery, that included a number of examples that had millions of users, Google removed the fake extensions from their Chrome store.

This is the full list, according to Meskhov.
AdRemover for Google Chrome™ (10M+ users)
uBlock Plus (8M+ users)
Adblock Pro (2M+ users)
HD for YouTube™ (400K+ users)
Webutation (30K+ users)

Meskhov says the fake extensions can be used for a number of dangerous actions, other than collecting personal information and browsing habits. These extensions can alter the appearance of pages, scrape information from the user, or load additional extensions that a user hasn’t installed. All in all, not good.

Yan Zhu, a software engineer who works for the privacy-conscious browser Brave, told Motherboard Google has a history of approving sketchy extensions to its store.

“For instance, the extension could probably man-in-the-middle all the requests coming from your browser, but it can’t, for instance, read your browser’s encrypted password database, because that is not a privilege that extensions can have,” Zhu explained over a Twitter direct message.

Avatar photo
Written By

Karen Graham is Digital Journal's Editor-at-Large for environmental news. Karen's view of what is happening in our world is colored by her love of history and how the past influences events taking place today. Her belief in man's part in the care of the planet and our environment has led her to focus on the need for action in dealing with climate change. It was said by Geoffrey C. Ward, "Journalism is merely history's first draft." Everyone who writes about what is happening today is indeed, writing a small part of our history.

You may also like:


The colorful scenes depict religious Christmas characters surrounded by cutouts of Krakow's architecture.


Just remember that if you get a dictator, you didn’t do enough to stop it.  

Tech & Science

The researchers asked the participants to again rate the voice assistant’s attractiveness and service quality, what was the outcome?


Aiming to destroy Hamas, Israel launched a military offensive that the health ministry in the Hamas-run Gaza says has killed 17,490 people.