Scam provokes wider debate into the capabilities of browser extensions

The takedown of two fake ad blocker extensions from the Google Chrome Web Store serves as a cautionary tale for web surfers.

The two counterfeit utilities – AdBlock by AdBlock, Inc. and uBlock by Charlie Lee — each pulled in more than 800,000 downloads before security researchers exposed their sharp practices as deceptive clones of legitimate online privacy utilities.

Both of the sketchy browser extensions engage in cookie stuffing, a unethical form of affiliate marketing that borders on ad fraud, Andrey Meshkov of AdGuard Research discovered.

The shady behaviour took place in addition to deceiving users by using the names of legitimate, widely used ad blockers.

The cookie stuffing activity only starts days after the extension is installed. In addition, Meshkov discovered that suspicious activity ceases if the app detects that the developer console is open, a feature that’s designed to hide dodgy actions from inspection.

Both extensions were blocked in Chrome shortly after AdGuard published its research.

Meshkov is far from satisfied from this “whack-a-mole” approach to the problem, arguing that Google needs to proactively review browser extensions before allowing them to be published in its Chrome Web Store.

“This problem is not new, and similar cases were reported before,” Meshkov said. “However, despite that, I see no effort from Google to resolve this. It seems that the situation is even worse now.

“At least fake blockers had to invent a new name before. Now, as you can see, they don't even bother to do that!”

Google recently came forward with a controversial proposal, ‘Manifest V3’, to limit the capabilities of Chrome browser extensions.

Meshkov is unconvinced by this approach, citing a recommendation by the Electronic Frontier Foundation that Google “needs to start properly enforcing existing Chrome Web Store policies” rather than developing a new approach.

The Daily Swig invited Google to comment on this criticism.

The issue of dodgy browser extensions extends beyond the Chrome Web Store. “An AdGuard rip-off has even got a ‘recommended’ badge on Mozilla Add-ons despite multiple reports on the unethical behavior,” Meshkov notes.

The genuine developers of AdBlock praised AdGuard for its “important work” in “exposing fake ad blockers”.

A Twitter update to the official Adblock account goes on to advise consumers “never to download *any* extensions from sources you don’t trust”.

This sentiment was echoed by the uBlock user community.


RELATED Under-the-hood changes to Chrome will break ad blockers – unless you’re a paying customer