Chrome Extensions With 80 Mn Downloads Found Inserting Malicious Ads
In a shocking discovery, a group of Chrome extensions has been found inserting malicious codes in Google and Bing search results. 295 Chrome extensions downloaded by more than 80 million users have been found sabotaging results, although, the number might include bots as well.
Discovered by AdGuard, a firm that offers ad-blocking solutions stumbled upon the malicious Chrome while investigating a cluster of fake ad-blocking Chrome extensions on the Chrome Extension store.
As per a report by AdGuard, most of the extensions presented themselves as ad-blocking extensions, whereas some were present on the official Chrome Extension Store as extensions to forecast weather and take a screenshot. The fake ad-blocking extensions tried to snoop on users using ‘Cookie stuffing’ and ‘ad fraud.’ Interestingly, at least six such fake extensions were re-using the same code that was found in a host of Chrome extensions exposed last year.
What makes these malevolent Chrome extensions even more dangerous is the fact that they can change behavior at any point in time without any update and start doing whatever they like. This is because these extensions use third-party codes loaded from a remote server and controlled by the owners. These codes could be changed at any point in time, and it doesn’t require any update.
Here are some of the popular Chrome extensions found inserting malicious codes in search results:
- Ad-block for YouTube — Youtube Ad-blocker Pro – 2,000,000+ users
- Adblocker for YouTube — Youtube Adblocker – 2,000,000+ users
- uBlocker — #1 Adblock Tool for Chrome – 1,000,000+ users
- Video Downloader professional – 300,000+ users
- Dark Theme for Youtube, FB, Chrome – 100,000+ users
- AdBlock — Stop Ad on every Site – 100,000+ users
- 2048 Game – 100,000+ users
- Music Saver – 60,000+ users
Google has disabled all the extensions reported by AdGuard, and if you have installed any of the extensions, it will be disabled automatically. However, you’ll need to remove it manually from the browser.