More than 20 million Chrome users have been infected with malware after downloading malicious browser extensions disguised as ad blockers.
The shady ad blockers were discovered by Andrey Meshkov from Adguard, who highlighted the dangers of downloading ad blockers and other Chrome extensions without thinking twice.
While Google has now removed the apps in question, they had already been downloaded more than 20 million times and it is believed that many more users could be affected.
Mr Meshkov revealed that the rogue ad blockers could leak information about the websites you visited.
Once installed, hackers could then force the adblock extension to take over the victim’s Chrome browser to “do whatever the command center server owner orders it to do,” potentially stealing login credentials and other sensitive data.
The list of malicious ad blockers include:
- AdRemover for Google Chrome™ [10 million+ downloads]
- uBlock Plus [8M+ downloads]
- Adblock Pro [2M+ downloads]
- HD for YouTube™ [400k+ downloads]
- Webutation [30k+ downloads]
The advice to users is to be vigilant when installing any app or Chrome extension, even if they are available to download from the Chrome Store or Google Play Store.
Do your research before installing any app or extension in order to make sure it is legitimate.
“Surfing through the Chrome’s Web Store is like walking through a minefield,” AdGuard wrote
“If you want to install an extension, think twice. And then think twice again. Check who is the author of this extension. Do not install it if you don’t trust the author. Please note, that at some point the extension can be sold to someone else, and who knows what it will become.”