For years and years the official Chrome extension store has had the same problem: it is packed with fraudulent plugins, clones of popular extensions that are almost indistinguishable from the originals, malicious extensions, and all kinds of scams.
Google has been attacking this situation a bit recently by improving its veto policies, but its measures have not been sufficient. This is exactly what the developers behind AdGuard, one of the most popular ad blockers, have reported after finding two malicious clones of popular adblockers that managed to amass millions of users before being removed.
Those responsible for AdGuard explain what we already know: this is not a new problem, in the Chrome Web Store it is easy to find fake versions of extensions such as AdBlock and even to the top of the results, however, the novelty is that now they are also using to commit fraud through cookies.
Fake extensions are using the technique called “Cookie stuffing” to receive affiliate commissions on websites that you visit without your finding out, it is a fraudulent practice whereby the extension starts sending requests from your browser to receive a special affiliate cookie and keep the commission if you buy something.
Trust or not trust the Chrome Web Store
Those who are aware of these types of practices may be more careful when installing their extensions, but for many users the idea that in the official Google extension store is going to put fraudulent plugins among the first results is unthinkable, and However, it has happened and continues to happen.
These two extensions “AdBlock” by “AdBlock, Inc” and “uBlock” by “Charlie Lee” looked quite legitimate and added between the two more than 1.6 million users and had five-star reviews.
They were only removed a day ago from the Chrome Web Store, after several complaints from users and after the people of AdGuard published this article denouncing its existence. Why is this still happening?