Ad-blocking browser extension actually adds ads, say Imperva researchers

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

Security vendor Imperva’s research labs have found a browser extension that claims to block ads, but actually injects them into Chrome or Opera.

A post from Imperva staffers Johann Sillam and Ron Masas names an extension called AllBlock as the culprit.

The extension does block ads, they write. But it also runs a background script that injects a snippet of JavaScript code into every new tab that users open.

That code snippet talks to remote servers and downloads a payload that Imperva claims is connected to operators of an ad-injection scam.

That scam, Silland and Masas observe, pipes in ads other than those from legitimate sources that would otherwise appear on a web page. Some of those ads include affiliate links – whoever is behind this extension could be skimming commissions from netizens that click on injected ads.

Google has often said it takes the security of Chrome extensions seriously, and vets them to stop all sorts of naughtiness. It looks like those processes have

Read the article