In a clear lesson about the potential dangers involved with browser add-ons, a fake copy of a popular ad-blocking Chrome extension has tricked an estimated 37,000 users of the browser into downloading it.
The phony Adblock Plus extension used the exact same name as the genuine add-on in the Chrome web store – save for the fact that it was written as ‘AdBlock’, with a capital ‘B’ which most folks wouldn’t have noticed – and the same developer name. Also, users wouldn’t necessarily have spotted a problem scanning the feedback, as there were a good amount of reviews for the dodgy product.
But the fact is that the extension was a fake, and naturally as soon as it was spotted by SwiftOnSecurity and flagged up to Google, the offending add-on was removed from the Chrome store.
Not before nearly 40,000 folks had downloaded it, however, and it’s not clear what ill effects the extension could inflict. Engadget reports that some users of the fake extension have said they’ve been affected by rogue adverts opening multiple tabs, which sounds about right.
Indeed, fingers crossed that’s the worst thing any malicious payload hidden in the extension carries.
The real developer of Adblock Plus has offered some advice for those who have downloaded the extension recently, and are concerned they might have picked up the fake one.
The developer wrote: “One way to see if you have the real [extension] is by going to Chrome > More Tools > Extensions. The phony app also shows up as an APP in the store – not as an EXTENSION, as Adblock Plus does.
“Once you’re there, find Adblock Plus and click Details. That will take you to the Chrome Web Store. Just make sure that the extension you’re seeing says ‘offered by adblockplus.org.’ If so, you’re probably good.”
But if you’re still not happy and want to make 100% certain you’re safe, you can always simply uninstall your existing extension, and reinstall Adblock Plus from the Chrome store (now that the phony add-on has been vanquished).
Of course, when installing any extensions – or software for that matter – it pays to carefully look at the source, and examine all aspects with a critical eye (in this case, the capital ‘B’ in the name was a clue, but hardly a glaring one).
Regardless, Google shouldn’t be letting this sort of phony extension slip through the net, and hopefully a review of Chrome store moderation procedures will be underway as we type…