Connect with us

News

Delete these two Google Chrome ad blockers – they’re riddled with malicious code

Remove the Chromium versions of Nano Adblocker or Nano Defender now. Seriously.

google chrome logo on purple background for google search
Image: KnowTechie

Two popular adblocker extensions found in the Chrome Web Store with over 300,000 active users have been siphoning off user browsing history while also hijacking user’s social media accounts. The reason? The developer of the two projects sold the rights to another developer who allegedly inserted malicious code into the Chrome extensions.

In a post on the GitHub page for the Nano projects (Nano Adblocker and Nano Defender), original developer Hugo Xu said he no longer has the time to maintain them, so he sold them to an unspecified Turkish developer. That left 300K users in the hands of unknowns, which could have used the existing install base for malicious means.

Well, that’s exactly what happened, with the uBlock Origin extension maker noticing that the Nano extensions had some new code snippets, which in his estimation, turned them into malicious software. Those included checking if the user had opened the developer console, sending a “report” file to a server maintained by the Nano developers.

That’s not all it was doing though, with user browsing data being uploaded without the user’s consent. That browsing history seemingly also included session cookies, as many users reported that their browsers were automatically issuing likes to posts on Instagram, with no user input.

For their part, Google has already removed the Chrome Web Store’s extensions and issued a warning that they’re not safe to use. If you had either of them installed on your machine, you should probably remove them immediately. Seriously, do that now.

It’s also possible that the malicious code uploaded session cookies, so you should log out fully of every website you use. That should invalidate the siphoned cookies, keeping you safe. If you want to err on the side of caution, you should also change the passwords of every single site you’ve been using too.

Have any thoughts on this? Let us know down below in the comments or carry the discussion over to our Twitter or Facebook.

Editors’ Recommendations:

Comments

More in News