Adblockers downloaded 300K times contains malicious code

Via Ars Technica

A set of adblockers (Nano Adblocker and Nano Defender) with over 300,000 users was recently sold by its developer—the buying party promptly updated the blocker with malicious code that uploaded browsing data and accessed social media accounts.

The Issue

The developer behind two Chrome extensions focused on ad blocking, Nano Adblocker and Nano Defender, sold the rights to the versions of the extensions in the Google Play Store several weeks ago.

Soon after, the extensions were updated and security researchers found that the updates contained code that would automatically like photos from Instagram accounts that did not belong to the extension users.

There’s additional evidence that indicates the extensions were changed so browsing data could be remotely accessed and/or downloaded. Other victims also reported that their own Instagram social media accounts were affected.

Your Move

If you have these extensions Nano Adblocker and Nano Defender, uninstall and delete them immediately. In general, stick with trusted browser extensions in general. The ones we like include DuckDuckGo, Ghostery, Disconnect, 1Blocker, Better Blocker, Magic Lasso, and uBlock Origin.

For more information, visit Ars Technica

Show More
Back to top button