That Ad Blocker You Installed? #Malware.

This week, Threatpost reported Google removed two ad blocking browser extensions from the Chrome Web Store, AdBlock and uBlock. These two malicious browser extensions use names similar to legitimate ad blockers (AdBlock by getadblock,’s uBlock, and Raymond Hill’s uBlock Origin), but they employ the fraudulent practice of “cookie stuffing.” That is, they change the user’s cookie in a way that makes it look like the single user is multiple users clicking on the affiliate ad. At 1.6 million weekly users, this makes a substantial impact on the affected businesses. But how does this affect you?

The bogus blockers hijacked commissions for the purchases their users made, defrauding companies including, LinkedIn, and Microsoft. In the past, this sort of fraud has been successfully dealt with in court, and with companies that large in the mix, there’s no doubt that if it can be prosecuted it will be prosecuted.

[Read: Google Calendar Phish Attacking Users’ Cybersecurity & Privacy]

How to Fix It

The fraudulent extensions have been removed from the Chrome Web Store, which may seem like it makes the path forward pretty simple:

    1. If you have installed AdBlock by AdBlock Inc. or uBlock by Charlie Lee, uninstall it.
    2. If you’d like ad blocking software, install an established ad blocking extension.

Here’s the twist: I won’t recommend any substitute extensions, though, because extensions are too easily corruptible. Before choosing any extension, consider this: Browser extensions can see everything on the web sites you visit AND your computer (depending on the permissions assigned to them). Your login information for online accounts, for example, passes through your extensions. And even established extensions have been known to go rogue—a little tweak of the code and, for example, your ad blocker has lifted your Amazon credentials (username + password). And, if you want to understand the threat of stolen credentials, read this earlier post on the dangers of stolen credentials.

The question you need to ask yourself before installing any browser extension is, “Do I really need it?” Is it worth the risk? To learn more about risks associated with permission levels in Chrome, check out this summary, then decide how much risk you are willing to assume

Remember, you are not to small to be a target.

To learn more about cybersecurity for individuals and small businesses, check out the Freelancer’s Guide to Cybersecurity and its list of resources.


2 thoughts on “That Ad Blocker You Installed? #Malware.”

Comments are closed.