Google removes 5 malicious ad blockers off the Chrome Store

Discussion in 'other security issues & news' started by hawki, Apr 19, 2018.

  1. hawki

    hawki Registered Member

    Joined:
    Dec 17, 2008
    Posts:
    6,065
    Location:
    DC Metro Area
    "Google has kicked five malicious ad blockers off the Chrome Store...

    AdGuard, a company that provides its own paid ad blocking service, has released a report listing five fake extensions that have made their way to top spots in Chrome’s Web Store and been installed by millions of users...

    AdGuard reports that more than 20 million users in total have downloaded and installed the five extensions, with one in particular topping out at 10 million downloads....

    The five extensions mentioned in the AdGuard report have since been taken down by Google. While two of them aren’t strictly ad blockers, they abuse the same exploit. Here’s the list:

    AdRemover for Google Chrome™
    uBlock Plus
    Adblock Pro
    HD for YouTube™
    Webutation "

    https://www.techradar.com/news/google-has-kicked-five-malicious-ad-blockers-off-the-chrome-store
     
  2. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
  3. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I used to use HD for YouTube. :eek:

    ... If it was the same version.
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    This is one of the things (among many, IMO) that's bad with Chrome. This type of problem doesn't exist in Firefox.

    Bo
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    From what I've understood, it will soon be the same in Firefox, because they will also automatically rate extensions in the future. You should simply be careful with extensions.
     
  6. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I am always extremely careful with extensions. Only install well known extensions that have been around for a long time. There is no ifs about that. AND as few as possible. Right this moment, in W7, I only have 1 and in W10 I got 2. No plugins in either computer. But I usually keep 1 sandbox where I install Flash, and use it only for activities that require Flash. This Flash sandbox I usually keep it for hours or up to a day or two.

    But this problem with Chrome, to this day, you never seen it with Firefox. To avoid problems, I avoid testing, installing extensions just because they sound good. People who install 30 extensions open themselves up to getting their browser hijacked by a malicious extension. I avoid completely that kind of risk.

    Bo
     
  7. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    4,101
    great reply.
    What are the many other things you dont like about chrome out of interest.
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    Excellent reply to a very serious concern(s).

    Am only recently getting the feet wet with browsers like FF (Chrome the most recent) and ONLY portable.

    I admire everyone's interests & preferences like anyone else but especially take note of those who absolutely will not compromise security with third party add ons etc.

    Learning anew on this end (malware tester with security products only mostly) so i appreciate everyone's own take with browsers.
     
    Last edited: Apr 22, 2018
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    They all have to do with usability. Not having the option to place tabs at the bottom is important (under URL bar). Not having the option to use the Bookmarks sidebar as the old browsers is a killer for me. I cant get used to using Drop down bookmarks menus and don't like bookmark toolbars. Never used them, not even tried them. Not having the option in the UI to disable auomatic updates is another killer. Using Sandboxie is best to disable automatic updates, this missing option create issues. Not having NoScript available for Chrome is huge. The main reason I use Firefox is NoScript. That tells it all. For me, there is no substitute for NoScript. This are the big ones.

    Bo
     
  10. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Glad you like it, Easter. We have to really know the extensions we install. If only because if we install 1 bad extension, it can use the browser to phone home. That alone is a good reason to be careful. In my case, using Sandboxie, most of the restrictions I put in place via Sandbox settings wouldnt do anything to protect me against a malicious browser extension.

    Bo
     
  11. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Exactly, I try to keep installed extensions to a minimum. But like I said, in the future FF might also start having problems with rogue extensions. I really think they should keep a dedicated staff just for reviewing extensions.
     
  13. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    If that happens, you still can minimize the risk by installing as few as possible extensions and only extensions that have been around for a long time and are well known. Extensions that have been around for years.

    Bo
     
  14. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    Many of the extension names are quite similar, making user research all the more imperative.

    A quick example would be the linked article ("Google has kicked five malicious ad blockers off the Chrome Store") includes a reference to another linked article ("The best Google Chrome extensions 2018"). Adblock Plus is listed in that latter article as one of Chrome's best extensions, and that name is very similar to (and hence, perhaps easily confused with) uBlock Plus and Adblock Pro, two of the alleged malicious ad blockers. Sometimes it pays to glance at the productivity rating to get an idea of how many users have downloaded the extension.

    I currently have two such extensions installed, AdBlock and uBlock Origin, and I alternate between which one is enabled. I think I get a better experience from AdBlock, but uBlock Origin has its advantages.

    I am trying to find an adblocker that works with MLB-TV, to no avail. MLB-TV recognizes both of these extensions and keeps intermittently stopping the broadcast until the adblocker is disabled. There is also the question as to whether or not Chrome's internal adblocker and popup blocker should be run with these extensions (I think the internal blockers are redundant), and whether MLB-TV recognizes them. I just HATE the commercials between innings, and I am not always right there to mute the volume when they come on.
     
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,941
    Location:
    USA
    This thread topic compelled me to go back and dig out a 6 year old thread, in case any members are interested in our concerns on this subject back in 2011 & 2012. Chrome extension vetting
     
  16. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Looking at the amount of users an extension have is a good practice. I noticed the similarity in names you are talking about the other day when I installed Sandboxie and an adblocker for a friend who uses Chrome. I am totally unfamiliar with Chrome, it wasn't easy making sure I was installing the real Adblock plus..

    Bo
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Correct, but sometimes it's tempting to load unknown extensions if you really need a feature. Would be cool if you could limit extension permissions, browser developers should have implemented this a longtime ago.

    Yes, it's quite easy being tricked.
     
  18. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    My friend Rasheed..........thats what we got Sandboxie for. :)

    In the past I installed extensions in the sandbox to quick test them or to use them for one session, use them for what they do and delete the sandbox. That way you dont install them in your system, minimizing the amount of addons you install but still can use them. I used to do that with Element Hiding Helper for Adblock plus and still do it every day with Flash. I havent had Flash installed in my system for at least the past 6 or 7 years, but use Flash just about every day.

    Bo
     
  19. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Correct, but even when running them sandboxed there is no easy way to know if they are behaving maliciously or not. The problem is that extensions have full access to browser memory and can also make outbound connections. I'm not sure if it's possible for them to steal passwords, but I do block the browser from getting access to private folders, so this should stop data exfiltration.
     
  20. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Rasheed, if we install sandboxed an extension that we are not sure about trusting it, we can do anything with it in the browser but nothing sensitive. Absolutely nothing sensitive (no banking, no purchases, no passwords, etc). If the malicious extension is designed to steal passwords, it will steal yours and use the browser (sandboxed or not) as a vehicle to phone home. And like you said, it is also a good idea to block access to your personal and sensitives files and folders.

    Bo
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Correct, but how to know if you can trust some extension eventually? There needs to be some pro active protection that should be implemented into browsers. I do believe that SpyShelter claims to be able to block certain key-logging extensions. Here is another example of malicious extensions that are quite advanced, they should not have the power to do this in the first place!

    https://blog.radware.com/security/2018/05/nigelthorn-malware-abuses-chrome-extensions/
     
  22. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I know I can trust the ones that have been around for a long time and like Page42 said, have many users. Its a simple formula, it works. Cant miss.

    Bo
     
  23. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Correct, that's all you can do, but I have to admit that I'm also using a couple of not so popular extensions. But so far so good.
     
  24. Hikertrash

    Hikertrash Registered Member

    Joined:
    Jun 6, 2017
    Posts:
    1
    Location:
    Franklin, NC
    Ad Remover is heavily advertised on YouTube. It offers a 1 week trial then it's like $40-$50 for five devices per year. I thought it worked great but before my week was up I saw an article where it could have been malicious, so I uninstalled. Too bad I was seriously tempted to pay the fee.

    Has anyone else heard anything concerning Ad Remover.
     
  25. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Why pay when uBO, ABP, Adguard + others do that for free?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.