The team behind AdGuard, a real ad-block extension for browsers, reported in a blog post this week that two popular ad blocking extensions found on the Google Chrome Web Store are, in fact, completely fake, despite being used by millions of users.
The two extensions, called AdBlock by AdBlock Inc. and uBlock by Charlie Lee, also mislead users by mimicking names of two real ad blocking extensions, as well as the names of the developers behind those extensions. Users have reported these extensions as fake, but Google has seemingly yet to take action.
According to AdGuard, the real purpose of these fake ad blocking extensions is “cookie stuffing,” which is used as an ad fraud scheme. The creators of the fake extensions stuff them with affiliate cookies, so that when the users of the extensions visit a relevant e-commerce site (such as Amazon) and make a purchase, the creators of the fake extensions get paid the affiliate commission for that purchase.
The two extensions have 1.6 million active users and are stuffing cookies from 300 websites from Alexa Top 10000 most popular websites, AdGuard said, saying it studied the extensions' code. AdGuard believes that these malicious actors are making millions of dollars a month.
The good news is that now that the scheme has been publicized, there is a chance that the affiliate programs' owners can follow the money trail and expose these fake ad blocking extensions' creators were.
The AdGuard team said that it doesn’t believe Google’s proposed and highly controversial Manifest V3 change, which is supposed to increase user security and privacy, will solve this issue of fake ad blocking extensions. In fact, the AdGuard team agrees with the Electronic Frontier Foundation’s proposal that Google should instead just review its extension store better.
How do you protect yourself until that happens? AdGuard recommends these options to start:
- If you're going to install a browser extension, think again. Maybe you don't really need it?
- Don't believe what you read in the extension's description. Be aware that there's almost no review process, and this can easily be a fake.
- Reading the users' reviews won't help as well. These two extensions had excellent reviews and yet they were malicious.
- Don't use the WebStore internal search, install extensions from the trusted developers' websites directly.
What these suggestions are really telling us is that AdGuard believes that the Chrome Web Store is like The Wild, Wild West, where almost anything goes, except for the minimum limitations put in place by the Chrome browser’s API support. Much like in the time before “app stores” and “extension stores” existed, you are ultimately on your own when you install something from the web and you should verify that the developer is trustworthy before allowing their code to run on your computer.
That like other malicious stuff on the net - good example is the fake windows errors that popup asking you to call Microsoft and not kill you internet connection. They do that because they think you are stupid and that was you should - clean you browser data and then turn it back on
A good give away is the source of this article - it from another Ad Blocker itself
The utiimate solution one day is for OS to run the browser in isolated Virtual Machine. There for on restart it complete new state. Copying download items from virtual machine is more in control from user and can go scanning software.
Although, as far as I know, the "real" adblock still sells ad space to let companies like Facebook bypass the filter. So, real is relative.
but imho they get nothing off me as i dont use my PC to purchase stuff at all :D
To comment on this, we've (AdBlock - the real one) been fighting these fake ad blockers with our attorneys for years; we've actually spent a lot of time and money doing so. We haven't done an expose because we just haven't had the resources, but we're thankful for AdGuard for doing this extremely important work. These malicious extensions are a huge problem.
(And just to clarify, we don't sell ad space to anyone. If you're referring to our Acceptable Ads filter list, users are welcome to opt in or out of that as they please.)
Thanks to the Tom's Hardware team for updating the headline and removing the AdBlock photo. We appreciate your quick response to our concerns!
Agreed, that seems much more informative and factual.