There are an incredible number of extensions for Google’s Chrome browser that add all sorts of functionality.
They include bookmarking services, to-do lists, online form fillers, an extension that allows you to use Gmail when you’re offline, password managers and far too many more to mention.
In fact, there are so many browser extensions for Chrome it’s clearly a thriving mini-industry in its own right and you could easily get lost for hours looking through them.
However, as is the way in the online world, when something is popular and visited regularly, hackers inevitably follow and congregate.
And so it is with Chrome browser extensions. In fact, so much so that a researcher has discovered five malicious ad blocker extensions in the Google Chrome Store that have already been installed by at least 20 million users.
- The five malicious extensions are actually copycat versions of legitimate, well-known ad blockers.
- Lines of code have been altered and some analytics code added.
- The malicious ad blocker extensions used popular keywords in their names and descriptions to gain top ranking in search results to increase the number of people downloading them.
The malicious ad blockers appear designed to create a botnet of infected browsers. After analysing one of them, AdRemover, a security researcher concluded:
- The malicious extension receives commands from a remote server.
- These commands are scripts which are then executed and can change the browser behaviour in any way.
- The browser will then do whatever the remote command server owner orders it to do.
The malicious ad blockers
The malicious ad blockers are as follows:
- AdRemover for Google Chrome
- uBlock Plus
- [Fake] Adblock Pro
- HD for YouTube
AdRemover for Google Chrome has been downloaded over 10 million times, uBlock Plus over 8 million times and the fake Adblock Pro over 2 million times.
It’s important to note that Google was notified of these malicious ad blockers and has since removed them.
One of the most effective, and uncorrupted, ad blockers is Privacy Badger. Created by the Electronic Frontier Foundation, it is a free browser extension for Google Chrome, Mozilla Firefox and Opera.
- If an advertiser seems to be tracking you across multiple websites without your permission, Privacy Badger automatically blocks the advertiser from loading any more content in your browser. To the advertiser, it's like you suddenly disappeared, and to the user it's one in the eye for those who run a railroad through privacy.
The fact is, though, that malicious browser extensions are nothing new. Previous malicious extensions have:
- Allowed hackers access to everything you do online
- Stolen information victims enter into websites
- Accessed passwords, web browsing history and financial and credit card details
While browser extensions can be incredibly useful, to stay safe the best thing to do is:
- Limit the number of browser extensions you use
- Only install those created by companies you know and trust
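An added example, not from the article or the researcher: a Python audit of a Chrome profile's Extensions folder, supporting the advice above by showing what is installed and which items deserve a second look, given that the extensions described earlier ran scripts fetched from a remote server. The flag names, the sample folders and the choice of checks are assumptions of this example, and the folder to scan is whatever path your own Chrome profile uses.

```python
import json, tempfile
from pathlib import Path

# Names from the article's list. A match means "review", not "malicious": copycats reused real names.
LISTED_NAMES = {"adremover for google chrome", "ublock plus", "adblock pro", "hd for youtube"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def audit_manifest(manifest: dict) -> list:
    """Return review flags (names are this example's own) for one parsed manifest.json."""
    flags = []
    name = str(manifest.get("name", "")).strip()
    if name.lower() in LISTED_NAMES:
        flags.append("name-listed-in-article")
    perms = manifest.get("permissions", []) + manifest.get("host_permissions", [])
    if BROAD_HOSTS & {p for p in perms if isinstance(p, str)}:
        flags.append("all-sites-access")
    # Assumption: a Manifest V2 CSP permitting eval is one way fetched scripts can be run.
    csp = manifest.get("content_security_policy", "")
    if isinstance(csp, str) and "'unsafe-eval'" in csp:
        flags.append("csp-allows-eval")
    return flags

def audit_extensions(ext_root: Path) -> dict:
    """Walk <ext_root>/<extension id>/<version>/manifest.json and flag each extension."""
    report = {}
    for path in sorted(ext_root.glob("*/*/manifest.json")):
        ext_id = path.parent.parent.name
        try:
            report[ext_id] = audit_manifest(json.loads(path.read_text(encoding="utf-8-sig")))
        except (OSError, ValueError, AttributeError, TypeError):
            report[ext_id] = ["manifest-unreadable"]
    return report

def build_sample_profile(root: Path) -> Path:
    """Constructed sample data: two made-up extension folders, not real extensions."""
    samples = {
        "sample-id-a": {"name": "uBlock Plus", "permissions": ["<all_urls>", "storage"],
                        "content_security_policy": "script-src 'self' 'unsafe-eval'; object-src 'self'"},
        "sample-id-b": {"name": "Example Notes", "permissions": ["storage"]},
    }
    for ext_id, manifest in samples.items():
        folder = root / ext_id / "1.0_0"
        folder.mkdir(parents=True)
        (folder / "manifest.json").write_text(json.dumps(manifest), encoding="utf-8")
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_extensions(build_sample_profile(Path(tmp))))
```

An extension with no flags is not thereby safe, and a flagged one is not thereby malicious; the output is a shortlist for deciding what to remove.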