It turns out that a browser extension that says 'ad blocking' was actually inserting ads on the page

Security company

Imperva discovered a browser extension that claimed to 'block ads,' but found that it was actually inserting ads into web pages.

The ad blocker that injects ads | Imperva

Ad-blocker actually delivers ads, say security researchers • The Register

The extension in question is called 'All Block' that was distributed for Chrome and Opera. One day, Imperva's research team was conducting regular checks on potential threats on web pages, and found an ' ad injection ' script that displayed unauthorized ads on web pages for the purpose of getting users to click. I found the domain I'm distributing.

An analysis of the script and related Chrome extensions by the research team reveals that AllBlock is doing the same malicious behavior. AllBlock was distributed as a mere ad blocking extension, but a careful analysis by the research team revealed that a script was written to hide the behavior of malicious code.

When it was actually operated, a news site containing affiliate links was displayed in the search results.

The research team said, 'The ads displayed by the script are from non-legitimate sources, contain affiliate links, and malicious people may be stealing advertising fees. Ad injection is an evolving threat. And can affect almost any site. '

He also said that such extensions have passed the security checks of each browser: 'Google claims to be scrutinizing the security of Chrome extensions and blocking threats, but in question. Extensions are being distributed despite the potential for stealing Google's revenue, which indicates that Google's processes aren't working brilliantly. '

in Security, Posted by log1p_kr