Google removes 5 malicious ad blockers
Downloaded 20 million times on the Chrome Web Store, malicious extensions have spied on their users and allowed remote control of Google’s browser.
Internet users’ interest in ad blockers is fueling the appetite of unscrupulous hackers/developers. For example, Google has removed 5 malicious extensions from the Chrome Web Store, the extension store of its Chrome browser, following several reports from the AdGuard adblocker co-founder.
The 5 extensions were ad blockers that had many users, sometimes several million. In total, they have been downloaded more than 20 million times. In addition to blocking ads, these extensions concealed malicious code that could be traced to remote server-side web pages viewed by the user. The server could then send commands to the victim’s browser, such as a botnet.
Here is the complete list of affected extensions:
AdRemover for Google Chrome (10M + users)
unlock Plus (8M + users)
Adblock Pro (2M + users)
HD for YouTube (400K + users)
Webutation (30K + users)
We do not have concrete information on the purpose of the maneuver. Was it to perform DDoS attacks thanks to the users of the extensions? Or inject advertising into the pages viewed by users? Or to contaminate/steal sensitive information by causing Internet users to fake phishing web pages? Mystery.
In any case, all of these extensions have been removed from the Chrome Web Store. If you have installed one on your browser, uninstall it immediately. You can also run an antivirus scan on your computer, it does not eat bread.