Fake ad blocker extensions used in ad fraud scheme

News
By published

Popular fake ad blockers engaged in cookie stuffing

(Image credit: Google)

Users trying to clean up their web browsing experience by installing an ad blocking extension may want to think twice as new research from AdGuard has revealed that many popular ad blockers are not only fake but also malicious.

After a thorough investigation of the ad blockers available on the Chrome Web Store, the firm found that many including AdBlock by AdBlock, Inc and Ublock by Charlie Lee were using the names of two other very popular ad blockers, AdBlock and uBlock Origin, to trick users into downloading them. However, AdGuard also found that these ad blockers were engaged in malicious behavior.

At first these add-ons did what they were supposed to and removed ads from web pages as both are based on the code of the original “AdBlock” extension. 

AdGuard then discovered that after being installed for around 55 hours, these extensions began to send out a request to urldata.net for each new domain they visited. This allowed the extensions to receive affiliate links from the sites users visited and if they made a purchase while visiting them, the extensions owner would be paid a commission from those sites.

The technique used by the fake ad blockers is known as cookie stuffing and is basically an ad fraud scheme. Not only are the creators of these fake extensions using the names of more popular ad blockers to trick users into downloading them, they are also using their browsing activity and online purchases to earn commissions for themselves.

According to AdGuard, Google has received multiple reports about how these fake ad blockers are using the names of more popular extensions for their own benefit but the search giant has yet to remove them from the Chrome Web store.

These two extensions have over 1.6m weekly active users who were stuffed with cookies from more than 300 websites from the Alexa Top 10000. While the damage is difficult to estimate, AdGuard believes that the creators are earning millions each month from cookie stuffing.

There is a silver lining though as now that the fake ad blocker scheme has been uncovered, the owners of affiliate programs can follow the money trail to find out who is behind this scheme. Cookie stuffing and other ad fraud schemes are illegal and there's a chance that the developers of these extensions will be held responsible for their actions.

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background
North Korea unveils new military unit targeting AI attacks
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Laptop computer displaying logo of WordPress, a free and open-source content management system (CMS)
This top WordPress plugin could be hiding a worrying security flaw, so be on your guard
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Latest in News
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
More about security
IBM office logo

IBM to provide platform for flagship cyber skills programme for girls
Hacker silhouette working on a laptop with North Korean flag on the background

North Korea unveils new military unit targeting AI attacks

Viggle

What is Viggle: everything you need to know about the AI animation tool and meme generator
See more latest
Most Popular
A Minecraft sheep.
Minecraft developer rejects generative AI, 'it's important that it makes us feel happy to create as humans'
Nvidia AMD
Nvidia rumors suggest it's working on two affordable GPUs to spoil AMD's party
Google Gemini AI
Gmail is adding a new Gemini AI tool to help smarten up your work emails
Visual Intelligence identifying a dog
AirPods with cameras for Visual Intelligence could be one of the best personal safety features Apple has ever planned – here's why
Android 16 logo on a phone
Here's how Android 16 will upgrade the screen unlocking process on your Pixel
Apple iPhone 16 Review
New iPhone 17 report lends weight to rumors of major display and camera upgrades, and a pricey Apple foldable
IBM office logo
IBM to provide platform for flagship cyber skills programme for girls
Sky Glass Gen 2
It's a Glass act: the next generation of Sky Glass TV is now at Currys
Teams
Microsoft Teams is finally adding a tiny but crucial feature I honestly can't believe it never had
Apple Watch Ultra 2 move data
Apple is reportedly planning a huge future Apple Watch upgrade to turn it into an AI device with onboard cameras