Web application security specialists have reported that two popular ad-blocking browser extensions, both available on the Google Chrome Web Store, are completely fraudulent developments. The appointed products have been installed by millions of unaware people.
The products are AdBlock, developed by AdBlock Inc., and uBlock, by Charlie Lee. Experts claim that these extensions try to trick users showing names similar to those of two legitimate extensions of recognized developers. Although thousands of users have already filed complaints with Google, the company has not commented on it.
Web application security experts say that the intention of the creators of these fraudulent products is to perform a practice known as “cookie stuffing”, very important for various advertising fraud schemes. These fraudulent extensions are stuffed with affiliate cookies, so when users of the extensions record activity on a major e-commerce site (Amazon, for example) developers of fake extensions receive affiliation fees for purchases made by users.
In total both extensions accumulate 1.6 million active users worldwide; developers have resorted to using the cookie stuffing of the world’s 300 most visited websites (according to Alexa’s Top 10000). In addition, web application security experts believe this practice has generated millions of dollars in profits for the creators of the extensions.
Still not everything is lost. Because this fraudulent scheme is now publicly known, affiliate program owners may try to track money generated by hackers.
On the other hand, members of the AdGuard team, one of the most popular browser extensions, consider that measures implemented so far by Google will not be able to protect Chrome users from installing malicious extensions. The most important of these changes, known as Manifest V3, is an update to the extension usage policy designed to improve the security and privacy of users.
International Institute of Cyber Security (IICS) web application security specialists believe that one of the main reasons for these kinds of extensions to appear is that Chrome Web Store has very few security measures, so what any kind of development can be made available on the platform.
Despite the high level of exposure to this type of software, there are some measures that any user can implement to mitigate the risk of installing a tool developed for malicious purposes:
- It’s worth asking ourselves a couple of times: do I really need that browser extension?
- Ads can be misleading. In many cases, descriptions of an extension do not meet what they offer or hide information from us
- The comments section may also be misleading; the extensions discussed in this article had good reviews even though they didn’t work
- Using the Chrome Web Store search engine is not recommended; if you have already decided to install an extension, be sure to download it from the official website of the developers
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
