Fraudulent ad blockers affect more than 1 million Google Chrome users. 

On September 16, 2019, Google removed two malicious ad blocking browser extensions from the Chrome Web Store. The extensions in question, AdBlock, and uBlock, originally appeared authentic due to the names being similar to two legitimate extensions, Adblock Plus and uBlock Origin. However, AdBlock and uBlock were found stuffing cookies, an illegal ad scheme.

What is cookie stuffing?

In affiliate marketing, when influencers send visitors to other websites, the influencers are paid a certain percentage of sales revenue. Since cookies store user data, businesses use them to identify if the visitors had used the affiliate links to reach their site. In cookie stuffing, the extensions alter the cookies so that, in addition to the original influencer, attackers also earn affiliation fees for purchases made by users.  

fraudulent-adblocker-chrome-screenshot

Even though Google had received multiple complaints regarding the nature of these extensions, they weren't removed from the Chrome Web Store until recently. According to a blog published by Andrey Meshkov, the co-founder and CTO of AdGuard, these ad blockers had excellent ratings and no negative reviews. AdBlock had more than 800,000 users, and uBlock had over 850,000, users. 

Google is currently working on Manifest V3, a policy which will restrict certain capabilities of extensions. Until then, Meshkov has advised users to install extensions from the trusted developers' websites directly, rather than using the Chrome Web Store. 

Share:

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

+

Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
  •  
  •  
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.