Donate to us!
You cannot teach a man anything; you can only help him find it within himself. - Galileo
Monday, October 15, 2018
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 53
Guests Online: 49
Members Online: 4

Registered Members: 107141
Newest Member: ChilldwellerPayonose
Latest Articles

5 Backdoored Ad Blockers Removed from Chrome Store

Google removed five fake ad blockers from the Chrome Store after they were flagged by a researcher, but they had already been downloaded more than 20 million times.

The malicious ad blockers were discovered by Andrey Meshkov, co-founder of Adguard, who detailed his findings in a blog post. While he noted that hackers have long created cloned versions of popular ad blockers, they have grown more sophisticated.

These criminals still use simple rip-offs of popular products, with a few lines of code added by the new authors.  But instead of using similar names like Adguard Hardline or Adblock Plus Premium, they spam keywords into the extensions description, trying to move it to the top search results and increase the likelihood of getting a victim to download it.

Cloning real ad blockers and adding malicious features into them has become a popular tactic for cybercriminals. For example, in 2017, a researcher discovered a fake Adblock Plus Chrome extension that tricked 37,000 users into installing it.

Fake ad blockers hide malicious code inside jQuery, a well-known JavaScript library. The code sends back information to its server about the websites a victim visits. It then receives command scripts from the remote server that are executed and can change your browsers behavior in any way.

Basically, this is a botnet composed of browsers infected with the fake adblock extensions. The browser will do whatever the command center server owner orders it to do.

The following five ad blockers were found to use this malicious approach:

  1  AdRemover for Google Chrome™ (10M+ users)
  2  uBlock Plus (8M+ users)
  3  Adblock Pro (2M+ users)
  4  HD for YouTube™ (400K+ users)
  5  Webutation (30K+ users)

These findings were reported to Google on Tuesday. By Wednesday, all five fake ad blockers were removed.

To best protect yourself, look very closely at any extension before you install it. You should check who the author of the extension is, and avoid installation if you cannot confirm that they are trusted.

Posted by Huitzilopochtli
Source : Unknown
Friday 20 April 2018