Web application security specialists have reported that two popular ad-blocking browser extensions, both available on the Google Chrome Web Store, are completely fraudulent developments. The appointed products have been installed by millions of unaware people.
The products are AdBlock, developed by AdBlock
Inc., and uBlock, by Charlie Lee. Experts claim that these extensions try to
trick users showing names similar to those of two legitimate extensions of
recognized developers. Although thousands of users have already filed
complaints with Google, the company has not commented on it.
Web application security experts say that the intention of the creators of these fraudulent products is to perform a practice known as “cookie stuffing”, very important for various advertising fraud schemes. These fraudulent extensions are stuffed with affiliate cookies, so when users of the extensions record activity on a major e-commerce site (Amazon, for example) developers of fake extensions receive affiliation fees for purchases made by users.
In total both extensions accumulate 1.6 million
active users worldwide; developers have resorted to using the cookie stuffing
of the world’s 300 most visited websites (according to Alexa’s Top 10000). In
addition, web application security experts believe this practice has generated
millions of dollars in profits for the creators of the extensions.
Still not everything is lost. Because this
fraudulent scheme is now publicly known, affiliate program owners may try to
track money generated by hackers.
On the other hand, members of the AdGuard team,
one of the most popular browser extensions, consider that measures implemented
so far by Google will not be able to protect Chrome
users from installing malicious extensions. The most important of these
changes, known as Manifest V3, is an update to the extension usage policy
designed to improve the security and privacy of users.
International Institute of Cyber Security
(IICS) web application security specialists believe that one of the main
reasons for these kinds of extensions to appear is that Chrome Web Store has
very few security measures, so what any kind of development can be made
available on the platform.
Despite the high level of exposure to this type
of software, there are some measures that any user can implement to mitigate
the risk of installing a tool developed for malicious purposes:
worth asking ourselves a couple of times: do I really need that browser extension?
can be misleading. In many cases, descriptions of an extension do not meet what
they offer or hide information from us
comments section may also be misleading; the extensions discussed in this article
had good reviews even though they didn’t work
the Chrome Web Store search engine is not recommended; if you have already
decided to install an extension, be sure to download it from the official
website of the developers