Some 37,000 people downloaded a spam version of the "AdBlock Plus" extension from Google after a fraudulent ad blocking extension snuck through Google Chrome's verification process and appeared in the Chrome Web Store yesterday.
It's easy to see why Google (and some 37,000 people) were tricked — the developer who packaged the adware into an extension used the name of an already popular and legitimate extension, AdBlock Plus.
SEE ALSO:Whoops, a hacker found a way to steal your passwords from macOS High SierraAdditionally, the bogus page in the Chrome store came with reviews. In short, the fraudulent extension looked pretty realistic. Twitter user SwiftOnSecurity, who regularly tweets about web security, posted an image of the devious extension:
Google allows 37,000 Chrome users to be tricked with a fake extension by fraudulent developer who clones popular name and spams keywords. pic.twitter.com/ZtY5WpSgLt
— SwiftOnSecurity (@SwiftOnSecurity) October 9, 2017
Google eventually caught wind of the breach and removed the deceitful adware, but it remains unclear just how harmful the malware is for those who already downloaded the extension. At least one unfortunate user says they're being hit with ads. In a screenshot of a review, posted by SwiftOnSecurity, the user states that the "instant this was added to Chrome started getting invasive ads with high volume levels opening new tabs."
Though Google took down the adware, SwiftOnSecurity was unimpressed by Google's failure to stop this malware from sneaking through and ending up conspicuously displayed in the Chrome store in the first place:
Legitimate developers just have to sit back and watch as Google smears them with fake extensions that steal their good name pic.twitter.com/3Tnv4NtY9t
— SwiftOnSecurity (@SwiftOnSecurity) October 9, 2017
The 37,000 infected users probably hope this public shaming further motivates Google to buffer the Chrome store's verification process. After all, malicious developers will only get more inventive if the problem isn't fixed.
TopicsCybersecurity
(责任编辑:焦點)
'Rocket League' Championship Series Season 2 offers $250,000 prize pool
What is this 'Friends' background actor chewing on?
Photo of police in riot gear arresting protester in a dress strikes chord on social media
You can't use food stamps online. This organic grocery startup wants to change that.Chinese gymnastics team horrifies crowd with human jump ropeFiji's men's rugby sevens team has made history by defeating Great Britain and claiming the country'
...[详细]Nintendo just grew by $7.5 billion thanks to 'Pokémon Go'
Pokémon Gohas emerged in just a few days as a cultural phenomenon. In an even shorter amount
...[详细]Queen Cersei sides with Ewan McGregor, slams Boris Johnson
LONDON -- If there's one person you really don't want to get on the wrong side of, it's Cersei.Boris
...[详细]'Pokémon Go' is finally out, but not for everyone
UPDATE: July 6, 2016, 6:23 p.m. AESTIt looks likePokémon Go's Australian launchcould be havin
...[详细]Dramatic photo captures nun texting friends after Italy earthquake
The image of an injured, bloodied nun, calmly texting friends and family in the wake of the deadly e
...[详细]Gorgeous drone footage captures couple sex'ing in a church steeple
Nowhere is safe now that drones are flying about -- not even church.What seemed like innocent aerial
...[详细]
Evolvejust leveled up.The 2015 game from Turtle Rock Studios is entering into what the developer cal
...[详细]Researchers stored an OK Go music video on strands of DNA
Researchers just figured out how to squeeze 200 MB of data onto some strands of DNA.That's right, th
...[详细]Two states took big steps this week to get rid of the tampon tax
