Phony Adblock Plus Extension Infiltrates Chrome Web Store

For users, the fake version of the popular ad blocker is nearly entirely indistinguishable from the real extension.

Malicious and fake extensions have always been a problem Google has been trying to stamp out with Chrome, having removed the ability to add extensions to the browser that were not hosted in the Chrome Web Store. "Legitimate developers just have to sit back and watch as Google smears them with fake extensions that steal their good name".

In a clear lesson about the potential dangers involved with browser add-ons, a fake copy of a popular ad-blocking Chrome extension has tricked an estimated 37,000 users of the browser into downloading it.

In a post on its website, Google writes, "Within minutes of being confirmed as malware, it was removed from the Chrome Web Store as well as from the machines of users who previously installed it". The same was observed by many Chrome users who reported the extension's abnormal behaviour on the extension's review page.

'While the underlying issue around the popularity of this fake extension lies with Google, due to it allowing more than one extension of the same name to pass its controls, and its automated processes, the bulk of the responsibility has to lie with the users who installed it. By using a number of unrelated keyboards added to the extension's description, the scammers were able to make the extension pop up in search results for any number of popular queries. "The real version is titled "Adblock Plus" with the lowercase "b" and is offered by the developer adblockplus.org (the fake version was offered by Adblock Plus").

Not before almost 40,000 folks had downloaded it, however, and it's not clear what ill effects the extension could inflict. A similar situation happened in 2015.

So far, Google hasn't commented on why its Chrome Web Store failed to notice the dubious nature of the software in the first place. A fraudulent developer managed to sneak the dodgy, adware filled extension past Google's usual security checks, going on to affect 37,000 users.

Vanessa Coleman

Comments