Jump to content

Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

 

Please note: Unfortunetely due to some server side issues, registration via Hotmail / Outlook email addresses do not work, members are requested to use some other email addresses like Gmail to register here.


hacker7

Fake Adblock Plus extension takes the shine off Chrome’s reputation for security

Recommended Posts

hacker7    1,307
hacker7

Fake Adblock Plus extension takes the shine off Chrome’s reputation for security

 

 

 

4fa02292b6d45ff96f29a9cd030974cb-320-80.

 

 

 

 

 

 

 

In a clear lesson about the potential dangers involved with browser add-ons, a fake copy of a popular ad-blocking Chrome extension has tricked an estimated 37,000 users of the browser into downloading it.

The phony Adblock Plus extension used the exact same name as the genuine add-on in the Chrome web store – save for the fact that it was written as ‘AdBlock’, with a capital ‘B’ which most folks wouldn’t have noticed – and the same developer name. Also, users wouldn’t necessarily have spotted a problem scanning the feedback, as there were a good amount of reviews for the dodgy product.

But the fact is that the extension was a fake, and naturally as soon as it was spotted by SwiftOnSecurity and flagged up to Google, the offending add-on was removed from the Chrome store.

Not before nearly 40,000 folks had downloaded it, however, and it’s not clear what ill effects the extension could inflict. Engadget reports that some users of the fake extension have said they’ve been affected by rogue adverts opening multiple tabs, which sounds about right.

Indeed, fingers crossed that’s the worst thing any malicious payload hidden in the extension carries.

  • Will you be using Chrome to hunt down the best Black Friday deals?

 

 

 

 

 

 

 

missing-image.svg

Image credit: SwiftOnSecurity

Fake finding

The real developer of Adblock Plus has offered some advice for those who have downloaded the extension recently, and are concerned they might have picked up the fake one.

The developer wrote: “One way to see if you have the real [extension] is by going to Chrome > More Tools > Extensions. The phony app also shows up as an APP in the store – not as an EXTENSION, as Adblock Plus does.

“Once you’re there, find Adblock Plus and click Details. That will take you to the Chrome Web Store. Just make sure that the extension you’re seeing says ‘offered by adblockplus.org.’ If so, you’re probably good.”

But if you’re still not happy and want to make 100% certain you're safe, you can always simply uninstall your existing extension, and reinstall Adblock Plus from the Chrome store (now that the phony add-on has been vanquished).

Of course, when installing any extensions – or software for that matter – it pays to carefully look at the source, and examine all aspects with a critical eye (in this case, the capital ‘B’ in the name was a clue, but hardly a glaring one).

Regardless, Google shouldn’t be letting this sort of phony extension slip through the net, and hopefully a review of Chrome store moderation procedures will be underway as we type…

 

Source : http://www.techradar.com/news/fake-adblock-plus-extension-takes-the-shine-off-chromes-reputation-for-security

Another source

 

37,000 Chrome users duped by fake AdBlock Plus extension

 

  •  
  • Like 3
  • Thanks 1
  • Haha 1

Share this post


Link to post
Share on other sites
cubedj    4
cubedj

Do somebody know how Google actually handles the users with these type of malicious extensions already installed? Is there a some kind of warning or is the extension removed automatically?... because maybe a month ago I completely by accident found malicious code in extension called "Shade for your eyes" - it included the "coinhive" dataminer, fake credit card form sending all transaction info to a specific gmail account + it demanded permission to access your google account and secure payment api... so a much worse stuff than this fake Adblock... Google did remove the extension from the webstore but I've disabled the extension right after installation and I've never actually used it... there was no warning or any kind of attempt by Google to fix this in this case so I had to remove it manually... which kind of sucks if Google simply does not care...

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×