[ad_1]
Ad blockers like Nano Adblocker and Defender are supposed to help filter out annoying ads while browsing the web. Unfortunately, the Chrome versions of the two ad-blocking extensions were found to have malware installed that secretly uploads your browsing data and manipulates social media accounts.
This comes when a post on Github highlighted that this issue occurred when the new owner of the extension released updates that added malicious code.
The original developer of the extensions, Hugo Xu, explained that he sold the rights to the versions available on Google’s Chrome Web Store because he no longer had time to maintain them.
Users of the extension noticed that their browsers behaved strangely, as if they automatically ‘liked’ many Instagram posts without any input from users. An artificial intelligence and machine learning investigation, Cyril Gorlla, told ArsTechnica that his browser liked more than 200 images from an Instagram account that did not follow anyone.
This is not the first time that browser extensions have been useless. Earlier this month, another Chrome extension called User Agent Switch, which had an install base of over 100,000 active users, was doing the same. Google has since removed the offending extension.
Other users of the extension reported on a Github forum that infected browsers were also accessing their user accounts that were not yet open in their browsers. It is suspected that the extension was accessing authentication cookies and trying to use them to gain access to user accounts.
Google has already acted by removing the offending extensions from its Chrome Web Store and issued a warning that they are not safe. He advises anyone who has installed the extensions to remove them immediately.
It should be noted that both Nano Adblocker and Nano Defender are also available from other extension stores such as Firefox and Microsoft Edge. The original developer claims that these two extensions are not affected by malware. However, as the Edge browser can install extensions from the Chrome Web Store, there is a possibility that it will also get infected in this way.
Because these extensions can load cookies from your browsing session, it means that anyone who has been infected must log out of all websites. Doing so would invalidate session cookies and prevent someone from using them for unauthorized access. If you’re really paranoid, you can go one step further by changing your passwords to be safe.
This latest incident serves as a reminder that anyone can pick up an established browser extension and use it to infect a large user base. The only remedy to this problem is to routinely check your browser extensions and remove the ones you no longer use.
[SOURCE]