Adware-laden harmful extension poses as popular Adblock Plus

If your users or staff use adblockers, make sure they’re not downloading this Chrome extension posing as a legitimate program.

It was taken down as soon as Google was aware of the situation, but over 37,000 users had already installed the fake adblocker.

Not the first time Google’s dropped the ball

Instead of working to block ads, this fake version would open tabs and force users to see advertisements. The fake extension had the same name as the legitimate program, Adblock Plus.

One of the few giveaways that users were downloading a fake program was the odd product description. It was just a string of keywords, with the intention of getting the fake Adblock to show up in as many unrelated searches as possible. Google drew criticism from the cybersecurity research community for allowing the false extension to be uploaded in the first place.

But a similar incident happened to Google back in 2015.

In that instance, it was another fake adblocker that instead installed adware onto a quarter million user computers. The legitimate extension boasts over 10 million users, so in either case the impact was a drop in the bucket. The large number of downloads indicates that users are interested in blocking ads and potentially harmful adware. It’s possible that Adblock Plus or similar programs have been downloaded on company devices.

The extensions, while criticized by companies for hitting ad revenue, are front-line defenses against hidden malicious codes in embedded ads. Double check what extensions users are downloading onto company computers to make sure they’re not downloading fraudulent program.