Fake Adblock Plus extension takes the shine off Chrome’s reputation for security

[hacker7]

Fake Adblock Plus extension takes the shine off Chrome’s reputation for security

 

 

 

 

 

 

 

 

 

 

In a clear lesson about the potential dangers involved with browser add-ons, a fake copy of a popular ad-blocking Chrome extension has tricked an estimated 37,000 users of the browser into downloading it.

The phony Adblock Plus extension used the exact same name as the genuine add-on in the Chrome web store – save for the fact that it was written as ‘AdBlock’, with a capital ‘B’ which most folks wouldn’t have noticed – and the same developer name. Also, users wouldn’t necessarily have spotted a problem scanning the feedback, as there were a good amount of reviews for the dodgy product.

But the fact is that the extension was a fake, and naturally as soon as it was spotted by SwiftOnSecurity and flagged up to Google, the offending add-on was removed from the Chrome store.

Not before nearly 40,000 folks had downloaded it, however, and it’s not clear what ill effects the extension could inflict. Engadget reports that some users of the fake extension have said they’ve been affected by rogue adverts opening multiple tabs, which sounds about right.

Indeed, fingers crossed that’s the worst thing any malicious payload hidden in the extension carries.

• Will you be using Chrome to hunt down the best Black Friday deals?

 

 

 

 

 

 

 

Image credit: SwiftOnSecurity

Fake finding

The real developer of Adblock Plus has offered some advice for those who have downloaded the extension recently, and are concerned they might have picked up the fake one.

The developer wrote: “One way to see if you have the real [extension] is by going to Chrome > More Tools > Extensions. The phony app also shows up as an APP in the store – not as an EXTENSION, as Adblock Plus does.

“Once you’re there, find Adblock Plus and click Details. That will take you to the Chrome Web Store. Just make sure that the extension you’re seeing says ‘offered by adblockplus.org.’ If so, you’re probably good.”

But if you’re still not happy and want to make 100% certain you're safe, you can always simply uninstall your existing extension, and reinstall Adblock Plus from the Chrome store (now that the phony add-on has been vanquished).

Of course, when installing any extensions – or software for that matter – it pays to carefully look at the source, and examine all aspects with a critical eye (in this case, the capital ‘B’ in the name was a clue, but hardly a glaring one).

Regardless, Google shouldn’t be letting this sort of phony extension slip through the net, and hopefully a review of Chrome store moderation procedures will be underway as we type…

 

Source : http://www.techradar.com/news/fake-adblock-plus-extension-takes-the-shine-off-chromes-reputation-for-security

Another source

 

37,000 Chrome users duped by fake AdBlock Plus extension

 

•  

Google pulls fake Adblock Plus extension from Chrome serving invasive ads

[cubedj]

Do somebody know how Google actually handles the users with these type of malicious extensions already installed? Is there a some kind of warning or is the extension removed automatically?... because maybe a month ago I completely by accident found malicious code in extension called "Shade for your eyes" - it included the "coinhive" dataminer, fake credit card form sending all transaction info to a specific gmail account + it demanded permission to access your google account and secure payment api... so a much worse stuff than this fake Adblock... Google did remove the extension from the webstore but I've disabled the extension right after installation and I've never actually used it... there was no warning or any kind of attempt by Google to fix this in this case so I had to remove it manually... which kind of sucks if Google simply does not care...