Fraudulent ad-blocking extension tricks 37000 Google Chrome users

Share

Those who recently downloaded the hugely-popular ad-blocking browser extension from the official web store should make sure they've installed the right one.

According to security researchers SwiftOnSecurity, 37,000 users had downloaded a fake version of the Adblock Plus extension.

However by this time, the add-on had already been installed 37,000 times.

As The Verge notes, lots of users used to have problems with fake Google Chrome extensions in the past, that's why Google in 2015 eventually disallowed Windows and Mac users from getting extensions from third parties, or in other words, those not hosted inside the official Chrome Web Store directly. The fake extension raises further question marks over the vetting process on Google's official Web Store.

However, it would appear that there are still cracks in Google's extension vetting and approval process for Chrome, despite narrowing down where such extensions can be downloaded from.

Technical Secrets: Cisco Systems, Inc. (NASDAQ: CSCO)
Public Employees Retirement Association Of Colorado has invested 0.22% in Cisco Systems, Inc . (NASDAQ: CSCO ) for 47,824 shares. The Progressive Corporation (NYSE:PGR) has a market cap of $28.7 billion and over the last 12 months, PGR has risen by 58.81%.

Interestingly, the developer wanted to earn some extra bucks so he went ahead and targeted Adblock users.

So, here's what happened: a developer whose name is "Adblock Plus" created an extension that looks exactly like the real Adblock Plus extension, complete with the logo and other visual elements.

A screengrab of a user review (embedded below) also suggests that the illegitimate extension opens "invasive" ads in new browser tabs once installed.

The fake app had been through Google's verification was ranking highly in the Google Play Store. But because the extension spoofs the legitimate Ad Blocker name, it has managed to dupe thousands of people to download it.

Share