silversurfer

Level 66
Verified
Trusted
Content Creator
Malware Hunter
More than 80 million Chrome users have installed one of 295 Chrome extensions that hijack and insert ads inside Google and Bing search results.

The malicious extensions were discovered by AdGuard, a company that provides ad-blocking solutions, while the company's staff was looking into a series of fake ad-blocking extensions that were available on the official Chrome Web Store.

A subsequent investigation into the fake ad blockers unearthed a larger group of malicious activity spreading across 295 extensions.
Besides fake ad blockers, AdGuard said it also found extensions posing as weather forecast widgets and screenshot capture utilities.

However, the vast majority of the malicious extensions (245 out of the 295 extensions) were simplistic utilities that had no other function than to apply a custom background for Chrome's "new tab" page. [...]

Extensions started being pulled down from the store after we reached out to Google's Web Store team and after AdGuard published a blog post detailing their findings.
"The full list of 295 ad-injecting browser extensions is available below, at the end of this article"
 

Spawn

Administrator
Verified
Staff member
Part of the problem are these people who simply don't care.
The same blog post also details additional bad practices on the Chrome Web Store, such as store moderators allowing a large number of copycat extensions to clone popular add-ons, capitalize on their brands, reach millions of users, while also containing malicious code that performs ad fraud or cookie stuffing.
 
Last edited:
Top