At least fake blockers had to invent a new name before. It seems that the situation is even worse now. However, despite that, I see no effort from Google to resolve this. This problem is not new, and similar cases were reported before. Sentences for cookie stuffing are real so there's a chance that the developers of these extensions will be held responsible. Now that this fraud scheme is uncovered, affiliate programs' owners can follow the money trail and find out who is behind this scheme. It is difficult to estimate the damage, but I'd say that we are talking about millions of USD monthly.Īctually, there's a bright side to it. These two add-ons have more than 1.6 Million "weekly active users", who were stuffed with cookies of over than 300 websites from Alexa Top 10000.
This technique is known as Cookie stuffing, and this is basically an ad fraud scheme. Now if you make a purchase on the extensions owner will be paid a comission by Teamviewer. In response, your browser receives a special "affiliate" cookie. What's going on here, you'd ask? Apparently, this address belongs to Teamviewer's affiliate program. A chain of redirects follows this request: The extensions will immediately open that URL in the background. The response to this request contains a special URL: For instance, if you visit, they'll send a request like this: They now send a request to for each new visited domain. After that the extensions' behavior changes, and they start doing a few more things besides ad blocking. This new response contains a list of commands for the extension to execute. However, about 55 hours after the installation, the response suddenly changes, and it does not look that innocent anymore. Periodically, they send a request like this: GET Īt first glance, the server response looks innocent:
#Adguard adblocker chrome web store code#
They both are based on the code of the original "AdBlock" extension so the quality is good enough. Skip to the next part if you're not a developer.Īt first, these add-ons just do what they're supposed to do - they block ads. Let's get to the next part then - malicious behavior. However, despite multiple reports, these extensions are still not removed.Īpparently, ethical issues and deception cannot be a reason for extension removal. Here is the legit AdBlock extension followed by its clones What's wrong with them?įor starters, they are using the names of two other very popular ad blockers, and this alone is deceitful and simply not right and should be enough. The real question is, how could you (a casual user) know it? How do I know that? I spent quite some time inspecting their code trying to figure out what they do. And there are many more not so popular deceptive clones there. This "AdBlock" is fake and malicious, and the "uBlock" one is the same. Or maybe I'll try this "uBlock" by "Charlie Lee"? Five stars rating, 850,000 users, it must be good as well. It has a privacy policy, it has over 800,000 users, and it is from a German company. This "AdBlock" by "AdBlock, Inc" looks legit. Oh, really? That's cool, thank you! I'll grab one from the top of the search results. No worries, we are going to limit the power of ad blockers soon, this will definitely help! Hmm, hundreds you say? Is it safe? I heard that last year a lot of them appeared to be fake and malicious! Sure, head to Chrome Web Store, there are literally hundreds of ad blockers there! OK, Google, I use Chrome, and I'd like to get an ad blocker for it.
0 kommentar(er)
