How do the Chrome Store’s malicious ad blockers show the duplicity that end users face in cybersecurity?


The recent rash of malicious ad blockers dropped from Google's Chrome Store shows how difficult it is to shield end users from deceptive types of hacking.

The tech press widely reported that over 20 million users had installed some form of one of these fake ad blockers before Google decided to yank them from the inventory. ZDNet provided a breakdown where one product, AdRemover for Google Chrome, was utilized by over 10 million users, with another variety, uBlock Plus, garnering 8 million users and a fake AdBlock Pro getting more than 2 million users.

After cybersecurity experts discovered malicious features in the cloned ad blockers, Google decided to remove many of the worst offenders. But people are still talking about how lackluster vetting can produce additional dangers for customers.

At issue is the Google Chrome extension – a type of small software program that users can add to Google Chrome to enhance how the browser works. Extensions are distributed through the Chrome developer dashboard and they are published to the Chrome Web store – but some are saying that without more involved screening for these third-party products, more end users could see their systems jeopardized.

Part of the deceptive nature of these new types of hacking is that hackers prey on the idea that users have to safeguard their systems. An ad blocker or anti-malware program seems like it's intended to enhance security, not detract from it. The issue lies in what happens behind the scenes, and how hackers clone, imitate and hijack legitimate systems, names and techniques to befuddle their targets.

It's a little like another major hack making its way around the consumer community now. Many PC users have heard a warning voice suddenly screech out of their laptop or desktop computer talking about how they could harm files or destroy systems if they don't do certain immediate tasks. The irony is that this message is intended as a phishing attempt and does not constitute a legitimate cybersecurity alert.

With all of this sophisticated hacking in the mix, end users will have to get more educated on how to maintain their systems. The arms race between hackers and security professionals is only going to heat up as new artificial intelligence and machine learning technologies make their way to the scene. Problems like those recently highlighted with the Google Chrome store reveal how important it is to have universal and consistent safeguards for a community of users.

Related Terms

Justin Stoltzfus

Justin Stoltzfus is an independent blogger and business consultant assisting a range of businesses in developing media solutions for new campaigns and ongoing operations. He is a graduate of James Madison University.Stoltzfus spent several years as a staffer at the Intelligencer Journal in Lancaster, Penn., before the merger of the city’s two daily newspapers in 2007. He also reported for the twin weekly newspapers in the area, the Ephrata Review and the Lititz Record.More recently, he has cultivated connections with various companies as an independent consultant, writer and trainer, collecting bylines in print and Web publications, and establishing a reputation…