To best protect yourself, look very closely at any extension before you install it, Meshkov said in the post. By Wednesday, all five fake ad blockers were removed. Meshkov reported these findings to Google on Tuesday. AdRemover for Google Chrome™ (10M+ users).The following five ad blockers were found to use this malicious approach, according to the post: “The browser will do whatever the command center server owner orders it to do.” “Basically, this is a botnet composed of browsers infected with the fake adblock extensions,” Meshkov wrote in the post.
It then receives command scripts from the remote server that are executed and can change your browser’s behavior in any way. The code sends back information to its server about the websites a victim visits. For example, in 2017, a researcher discovered a fake Adblock Plus Chrome extension that tricked 37,000 users into installing it.įake ad blockers hide malicious code inside jQuery, a well-known JavaScript library, according to the post.
SEE: Security awareness and training policy (Tech Pro Research)Ĭloning real ad blockers and adding malicious features to them has become a popular tactic for cybercriminals, as noted by our sister site ZDNet. But instead of using similar names (like “Adguard Hardline” or “Adblock Plus Premium”), they spam keywords into the extension’s description, trying to move it to the top search results and increase the likelihood of getting a victim to download it. These criminals still use simple rip-offs of popular products, with a few lines of code added by the “authors,” Meshkov wrote in the post. Top 10 open-source security and operational risks of 2023Īs a cybersecurity blade, ChatGPT can cut both waysĬloud security, hampered by proliferation of tools, has a “forest for trees” problemĮlectronic data retention policy (TechRepublic Premium) While he noted that hackers have long created cloned versions of popular ad blockers, they have grown more sophisticated. The malicious ad blockers were discovered by Andrey Meshkov, co-founder of Adguard, who detailed his findings in a blog post. Google removed five fake ad blockers from the Chrome Store after they were flagged by a researcher, but they had already been downloaded more than 20 million times. Users should not download an extension unless they trust the author.
0 kommentar(er)
