Go to listing page

Over 1 million Google Chrome users affected by Cookie Stuffing from two popular adblockers

Over 1 million Google Chrome users affected by Cookie Stuffing from two popular adblockers
  • AdBlock and uBlock, two popular Ad Blockers, were found stuffing cookies to generate revenue.
  • Last year, AdGuard pointed out five similar fraud ad blockers with over 20 million active users.

An overview: Google Chrome on Monday booted two pretentious Ad Blockers ‘AdBlock' and uBlock’ that were home to extensive ongoing ad fraud.

  • AdGuard, a maker of an ad-blocking software (Russia) discovered the extensions accused of redirecting users to malicious or compromised websites hosting malware or phishing scam.
  • “AdBlock” was published by “AdBlock, Inc” and “uBlock” by “Charlie Lee.”

“The two extensions used names that are confusingly similar to two better-established ad blockers, Adblock Plus and uBlock Origin, and that this alone should deter people from using them,” said Andrey Meshkov, co-founder and CTO of AdGuard.

The no-brainer trick that worked: Every day, over 600 million users work online with their Ad Blockers turned on. It offers a lucrative ground to cybercriminals and petty online crooks who are always seeking opportunities to make big bucks on someone else’s account.

  • uBlock had more than 863,000 user installs while AdBlock had over 848,000 unsuspecting users. Likewise, their 5-star ratings were high too, adding to their credibility.
  • The reason these Ad Blockers managed to gather traction for installations is that their names (and sometimes appearance) would resemble other popular authentic apps.
  • And, yes! They do block ads just the way an AdBlocker does.

What were their abilities: Though it doesn’t matter now, but it is worth knowing what other similar app cloning frauds can do to you and your system.

  • Such extensions usually store cookies from third-party without the users’ permission or knowledge, which is known as cookie stuffing.
  • That cookie keeps track of the victim’s browsing actions and, if a user is attempting to make an online purchase, the cookie stuffer is paid a commission by the target.

“The scale is unprecedented. These two add-ons have more than 1.6 million weekly active users, who were stuffed with cookies of over 300 websites from Alexa Top 10000. It is difficult to estimate the damage, but I’d say that we are talking about millions of USD monthly,” Andrey added.

However, it is not the first time when Adguard researchers tried exposing fake Ad Blockers running sophisticated ad fraud against Chrome users. The company had identified five such fake AdBlocker extensions last year, which were collectively scamming over 20 million users.

A piece of common advice: If you enjoy using AdBlockers and love the smooth surfing experience on Chrome, ensure the authenticity of apps on the platform. You can always take a few safety measures such as considering recommendation from online portals and friends, keep an eye on blog posts from Adguard and Cyware, and more.

Cyware Publisher