Security News > 2021 > October > Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages
A new deceptive ad injection campaign has been found leveraging an ad blocker extension for Google Chrome and Opera web browsers to sneakily insert ads and affiliate codes on websites, according to new research from cybersecurity firm Imperva.
The findings come following the discovery of rogue domains distributing an ad injection script in late August 2021 that the researchers connected to an add-on called AllBlock.
The extension has since been pulled from both the Chrome Web Store and Opera add-ons marketplaces.
While AllBlock is designed to block ads legitimately, the JavaScript code is injected into every new tab opened on the browser.
Imperva said the AllBlock extension is likely part of a larger distribution campaign that may have utilized other browser extensions and delivery methods, with ties observed to a previous PBot campaign based on overlaps in domain names and IP addresses.
"Other impacts of ad injection include loss of customer trust and loyalty, revenue loss from ad placements, blocked content and diminished conversion rates."
News URL
Related news
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)