Counterfeit versions and knockoffs of trusted programs exist in just about every space of computing, and a report from AdGuard states that more than 20 million users were fooled by one particular variant of this trend; fake and malicious ad blockers in Chrome’s Web Store. In most cases, these extensions are simply outright imitations of more well-known options with a few extra lines of code and a fresh coat of paint, meant to do nothing more malicious than mislead users and garner undeserved downloads by stealing the work of others. Some ad blockers in the Web Store, however, inject malicious code into their processes that can escalate their privileges and open the door for them to manipulate a user’s browser in just about any way that they want. To make matters worse, five of those aren’t even ripoffs, but completely original works. That list includes AdRemover For Google Chrome, uBlock Plus, Adblock Pro, HD for YouTube, and Webutation.
Most of these extensions appear perfectly safe and inert, and for the most part, you have to actually look into the code to tell you’re dealing with something potentially malicious. Obviously, that’s not something that the average user will or even can do in most cases. As such, the best way to protect yourself is to see who the author of a given extension is, and only install extensions made by authors that you trust. If you can’t find an author you trust for a type of extension that you want to download, doing a quick Google search for the names of different extension authors should quickly tell you who is a reputable programmer or company and who is either well-known as being untrustworthy, or who is a no-name that shouldn’t be trusted above recognized names.