Thousands of Google Chrome users have been tricked into downloading a fake ad blocker.
The misleading extension was called AdBlock Plus, and its creators were also called Adblock Plus. It was a blatant copy of the legitimate Adblock Plus. The extension managed to circumvent Google’s security protocols and get itself placed in the Chrome Web Store.
Before it was taken down, it was downloaded more than 37 thousand times and had an average 4-star review. Ironically, the extension caused the user’s browser to be inundated with ads.
You are not in any danger from this extension now, because Google has already eliminated it. This is a wakeup call, however, which highlights a vulnerability in the Chrome Web Store. Security experts SwiftOnSecurity explained it perfectly on Twitter:
“Google allows 37,000 Chrome users to be tricked with a fake extension by fraudulent developer who clones popular name and spams keywords.”
This exact same problem could happen again unless Google acts to increase security on the Chrome store. Until it does, we’re all going to have to be extra vigilant when downloading extensions.