Fake web ex­ten­sions with ‘real’ names

Computer Active (UK) - - Protect Your Tech -

What’s the threat?

Hack­ers cre­ated a fake ad-block­ing browser ex­ten­sion for Google Chrome that pre­tended to be an of­fi­cial prod­uct from the pop­u­lar Ad­block Plus (used on about 100 mil­lion de­vices).

It was listed in the Chrome Web Store with the same logo – ‘ABP’ in a red stop sign – and used the same key­words so peo­ple would find it when search­ing for the real ex­ten­sion. On the sur­face the only dif­fer­ence was a cap­i­tal ‘B’ in the name (see screen­shot). The fake ex­ten­sion even had a good star rat­ing – four out of five - and over 150 re­views.

It’s not known what harm in­stalling the ex­ten­sion did, though some peo­ple have said it dis­plays in­tru­sive ad­verts that open sev­eral tabs. Google re­moved the ex­ten­sion only af­ter be­ing told about it on Twit­ter, by which time over 37,000 peo­ple had in­stalled it.

How can you stay safe?

Sadly, there’s no sil­ver bul­let against fake ex­ten­sions. Stay­ing safe means triple-check­ing the au­then­tic­ity of an ex­ten­sion, ide­ally by con­tact­ing its de­vel­op­ers.

Un­der­stand­ably, Ad­block Plus’s de­vel­op­ers were an­noyed by the im­poster, writ­ing in a blog post ( www. snipca.com/25959) that it was “trou­bling”. They also gave in­struc­tions to check which ver­sion you have in­stalled. Click Chrome’s top-right menu but­ton (three ver­ti­cal dots), ‘More tools’, Ex­ten­sions, then look for Ad­block Plus. Click the small blue ‘De­tails’ link, then ‘View in store’ in the box that ap­pears, which – if you have the real ver­sion – takes you to Ad­block Plus’s page in the Chrome Web Store.

To be to­tally sure, re­move the ex­ten­sion by click­ing the bin icon then re-in­stalling it from https://ad­block­plus. org, or from the Chrome Web Store at www.snipca.com/25958. Google re­alises there’s a prob­lem with nasty ex­ten­sions, and has im­proved Chrome in re­sponse (see New Tools be­low).


Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.