Two Fake Ad Blockers Caught Stuffing Cookies
An Adblocker was one of the first extensions I’ve ever downloaded from the Chrome web store. My reason, like most that use ad blockers, is to have the option of running them on sites that tend to rely on annoying and sometimes intrusive ad distribution platforms.
I might be reviewing that sentiment though as a recently surfaced report has brought to light some disturbing news about two popular ad blockers.
A research team which comprises of members of another popular ad blocker, AdGuard made the discovery that AdBlock by AdBlock Inc. and uBlock Origin by Charlie Lee has had two clone versions that were anything but.
By taking apart the building blocks of the extensions, the team discovered the fake ad blockers utilize what is called “Cookie Stuffing,” a malicious scheme that stuffs the programs with affiliate cookies allowing the fraudsters behind the extension to receive an affiliate commission on online purchases made by users who had the extension installed.
With over one and half a million users between them and access to over 300 websites, the creators of the fake ad blockers basically have a money-making machine on their hands as it likely that they are making millions of dollars a month.
What is rather surprising about this whole fiasco is Google’s inaction considering the company’s recent push for a more secure internet and the publication the highly controversial Manifest V3 — which outlines more secure relationship between developers and clients through the platforms they create for the Chrome browser — and that it will let such a practice occur on the biggest app platform for Chrome is rather disappointing.
An argument can be made that the company can’t really filter every bad extension from the Chrome web store, but according to reports, both ad blockers were reported to be fake multiple times. It was only after the findings from the AdGuard research team were made public that Google decided to remove the two apps in question from the Chrome web store.
This should be a wake-up call for Google and should prompt a thorough inspection of the kind of programs it allows on its app platform as for the rest of us, double-check or even triple check an extension before allowing it to run on your device.