Published: April 14, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
Those intrusive pop-up ads that slow down our browsers and bounce the content we want to read are by most accounts, insufferable. Knowing that, developers have created ad blocker extensions to help with this annoying and potentially harmful web surfing issue. One self-proclaimed ad-blocking extension, AllBlock Chromium, however, is doing the exact opposite of what it says it does and those behind it are making profits off that broken promise.
In Reality, A Malicious Ad Injector
Those who downloaded AllBlock Chromium ad-blocking extension to squelch pop-up ads on Facebook and YouTube, as it claims to do, find themselves drowning in more pop-up ads than ever before. AllBlock Chromium, finds researchers at Imperva, is a malicious extension and deceptive ad-blocker. It contains a script that makes it an ad injector that increases the overall number of pop-up ads, for starters. Those who’ve downloaded this extension are redirected to fake sites created to promote these illegitimate ads.
Ad injectors insert unauthorized ads into a web page to invite users to click on them, generating revenue for their developers and others. For example, retail sites have become a favorite hunting ground for these malicious ad-injecting extensions. Their unauthorized product ads compete and steal clicks (and profit) from the retailer’s legitimate advertising.
Some ads are placed directly over or replace the original ads, making them impossible to see. Still others appear on web pages not intended for advertising, with many covering the written content. In one case, Adrozek ad injector that infected Chrome and Firefox browsers among others, was discovered infecting 30,000 devices a day at its peak last year.
Protection From Ad Injectors
All involved with creating and promoting malicious ad injectors play the blame game, making it impossible to pinpoint those responsible. Although Google Play and other app stores do their best to find and remove malicious extensions, they still sneak in as available for download. Once again, the responsibility lands on individual users to avoid these harmful extensions. Unless they are named, as with AllBlock Chromium, how can we possibly avoid them? Fortunately, there are answers to that question we can all benefit from.
Always check user reviews before downloading any extension. There you’ll find posted the good, bad, and ugly reviews that can help you decide whether it’s safe to download.
Unless there’s a specific need for an extension, there’s no reason to download them. Always turn off those you no longer need or use.
Take browser warnings seriously. Those claiming a software isn’t safe to use or suggest you leave a risky page and return to safety are there for good reason.
Remember to check the number of reviews for any app you are considering for download. If there are just a few, perhaps wait a while until others have reviewed them. If something is malicious, those with experience will certainly let you know there.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org