Fake Adblock Plus Chrome extension gets into official Web Store

JC Torres - Oct 10, 2017
6
Fake Adblock Plus Chrome extension gets into official Web Store

Android is often criticized for having malware that gets passed Google’s automated Play Store bouncer, but it is far from being the only Google-made platform to have such problems. A recent incident involving Chrome calls to mind how the web browser is perhaps even more susceptible to rather crude attempts at deceit. A still untraced fake Addlock Plus browser extension, for example, not only managed to get into the Chrome Web Store but even stayed long enough to be downloaded around 37,000 times.

This is what the Adblock Plus pretender looked like while it was still up on Web Store. Notice how it is spelled “AdBlock Plus” and how it names its developers as Adblock Plus.

Now this is how the legit Adblock Plus, developed by “adblockplus.org” really looks like.

If not for the keyword-laded description of the former, there is very little to actually clue unsuspecting users that something’s amiss. But even with that, the fake managed to dupe nearly 40,000 users into downloading it. It isn’t yet known what the poser was actually trying to do.

This is just the proverbial tip of the iceberg, though, and one that seems relatively harmless compared to past incidents. Just a few months ago, a third-party party web app, not directly connected to Chrome, managed to phish users into giving unknown third-parties permission to access their address book and Gmail. Going back even farther, Google had to lock down Windows and Mac Chrome versions from installing extensions outside of the Chrome Web Store. But now it seems that the safeguard is no longer enough.

It is really a question of how strong Google’s screening mechanism for Chrome extensions really is. Google puts a lot of emphasis on its machine learning powered security platform, now branded as Google Play Protect, for Android, but it doesn’t yet have anything to say for Chrome extensions, which also affects Chrome OS by extension (puns!). If a simple spelling change could get some potential malware through and affect that many users without being noticed, then Google might be inviting trouble for Chrome and Chrome OS. Especially now that the cat’s out of the bag.

VIA: The Verge


Must Read Bits & Bytes