Fake Ad Blocking Products Downloaded 20 Million Times

We often warn about malvertising, or malicious advertisements, here and how they are being used in the world of cybercrime. It’s often recommended that ad blocking software and apps be installed on all internet-connected devices. The cybercriminals have apparently got wind of that advice and have installed several malicious ad-blocking apps into the Google Chrome Store.

Some 20 million downloads of infected products have occurred. They include:

• Adblock Pro
• AdRemover for Google
• HD for YouTube
• uBlock Plus
• Webutation

If you have downloaded any of these products, delete them completely. Researchers at AdGuard have determined that ironically, some of them can actually leak information about your visit to some websites. Others can be used to hijack the user’s Chrome browser to do whatever hackers want it to do. That may mean including your browser in a botnet. These are used in the world of cybercrime to perform malicious activities, such as denial-of-service attacks.

While Chrome and the official store for getting extensions is targeted for distribution in this one, it is still much safer to download your software and apps from the official stores for the respective devices. Obviously, some bad products get through, but everything that gets into those stores does go through more security testing before they are allowed to stay.

Google has since removed all of these products, but it is most certainly not the last time things such as this may appear. And the advice to install ad-blocking products continues to be true. Just do your research beforehand. Read reviews and product descriptions of anything you install and if there is any doubt about it at all, pick something else.

Stickley on Security
Published March 9, 2019