I get it: you don’t like websites that push countless ads you, so you’ve just decided that enough is enough and the use of an ad blocker is in order. But make sure you don’t fall for the fake AdPlus Block extension that Google allowed into the official Chrome store.
Some 37,000 people already installed the fake app. If you’ve just added AdBlock Plus to your Chrome browsing experience, better make sure you’ve got the legit one.
It’s unclear how the fake app made it through Google’s verification process, which should be the first layer of protection against malicious web apps. Once approved to the Chrome Web Store, the fake app was available for download right alongside the right one. I wouldn’t blame you if you got confused. After all, if the apps are in the store, then they must be legit, right?
First spotted by SwiftOnSecurity, the fake app is now removed from the store.
Google allows 37,000 Chrome users to be tricked with a fake extension by fraudulent developer who clones popular name and spams keywords. pic.twitter.com/ZtY5WpSgLt
— SwiftOnSecurity (@SwiftOnSecurity) October 9, 2017
It’s also unclear what the fraudulent app did on the machines it infected. Yes, infected is the right word, as this is a malicious app created by a “fraudulent developer who clones popular name and spams keywords.” But one user who installed it revealed in a review that the fake AdPlus Block app pushed invasive ads and opened up additional tabs.
Safe to say that you should pay extra attention to your computer if you’re one of the 37,000 users affected by the issue.