Instead of blocking ads in browsers, the extension pumps even more junk onscreen to steal ad revenue from legitimate advertisers.
Annoyed and distracted by the incessant ads in Chrome and Opera browsers? Just download a free ad blocker extension and you may get some relief.
Except in a recent case, a free browser extension called AllBlock turned out to give ad haters even more headaches.
Cybercriminals often advertise ‘free’ apps and plugins that look legitimate. This baits more people to download software into their machine. In the recent campaign discovered by Imperva Research Labs, AllBlock was advertised as an ad blocker extension available on both Chrome and Opera browsers.
The campaign targeted users of some of the largest websites, stealing clicks and advertising revenue. The originators of the attack have not been discovered, but researchers believe there is a larger campaign taking place that may utilize different delivery methods and more extensions.
Through such ad injection campaigns, cybercriminals steal advertising revenue from publishers and websites and create a terrible experience for the user—displaying annoying ads and degrading site performance—which can result in customer loss.
Worse, this particular ad injection campaign is hard to detect because the malware contains code to monitor when debugging tools are being used. It then hides its malicious activities.