Security researchers at AdGuard recently revealed some interesting findings regarding the use of fake ad block extensions. There is evidence that some twenty million Chrome users have been tricked into downloading and installing rogue browser extensions concealed as ad blocking software.
What AdGuard has discovered is that the majority of ad blockers for Google Chrome are in fact rogue rip-offs of legitimate apps. These rip-offs are embedded with malicious code with the sole purpose of spying on users.
Chrome Web Store Flooded with Fake Ad Block Extensions
How are attackers succeeding to full so many users? The authors of the fraudulent extensions used spam keywords and names that are close to the names of legitimate extensions. Examples are Adblock Plus Premium and Adguard Hardline. This is how the researchers explained it:
It’s been a while since different “authors” started spamming Chrome WebStore with lazy clones of popular ad blockers (with a few lines of their code on top of them). That’s how users could end up installing some “Adguard Hardline” or “Adblock Plus Premium” or something like that. The only way of fighting this stuff is to file a trademark violation abuse to Google, and it takes them a few days to take a clone down.
According to this research, the least popular of these rogue extensions was downloaded at least 30,000 times. As for the most popular one, the numbers are staggering – more than 10 million times. The total of all such downloaded cases is approximately 20 million, meaning that 20 million Chrome browsers on users’ computers were affected in one way or another.
The most popular of the fake adblocking extensions is AdRemover for Google Chrome. The extension created a huge botnet of infected browsers (Read more...)
*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum authored by Milena Dimitrova. Read the original post at: https://sensorstechforum.com/20-million-google-chrome-users-fake-ad-block/