APPS
APPS
APPS
20M+ Chrome users exposed to fake data-stealing ad blockers
More than 20 million Google Chrome users may be using fake ad blocking software.
That’s apparent after a security researcher found five examples that while actually blocking ads as advertised, stole user information and manipulated web browsing instead.
The discovery, made by AdGuard Software Ltd. researcher Andrey Meshkov Tuesday, involved fake ad blocking Chrome extensions that used code stolen from legitimate ad blocking services, such as AdGuard itself, bundled with additional nefarious code.
That code varied among the fake ad blockers, but in the most prominent example included text files with obfuscated scripts that could keep track of every request made by the victim, as well as the ability to communicate with a command-and-control server to send data back to the browser.
Fake extensions and applications are not a new problem, as is seen time and again when it comes to Android apps. Where this incident differs is the success of those behind the fake Chrome extensions not only to have them listed but also to get them into the top positions in the Chrome Web Store search results.
Explaining that while previously those behind malicious apps in the Chrome Web Store would usually use other companies names, Meshkov said that they have “got smarter now” in that “instead of using tricky names they now spam keywords in the extension description trying to make to the top search results. Apparently, being in the top is enough to gain trust of casual users.”
The most popular app, named AdRemover for Google Chrome™ (with the trademark tag for added legitimacy) had been downloaded more than 10 million times, while the next two fake apps came in at 8 million-plus and 2 million-plus installations each.
Google moved promptly to remove the malicious apps from the Chrome Web Store. But the mere fact they were not only listed but ended up being the top rated results, rightfully raises questions about Google’s filter process for the store.
“With the current state of things, surfing through the Chrome’s Web Store is like walking through a minefield,” Meshkov concluded. “So here’s my advice: If you want to install an extension, think twice. And then think twice again.”
Image: AdGuard
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
