Chrome extensions abuse millions with adware

February 18, 2019

It’s bad enough being assaulted by ads on TV. When I switch to my computer (for any reason) and still keep seeing tons of ads, I get really annoyed. I’ll bet you get annoyed too. But why does it happen?Too many ads on your computer lately? Malicious Chrome extensions might be to blame.

Well, one thing that’ll get you ads is installing browser extensions that are actually adware — from the time you install them or somewhere down the line. One recent example is an extremely popular Google Chrome extension called Automatic 4K/HD for YouTube.

For users who really want to get their fill, YouTube doesn’t seem to be the easiest platform to deal with. Not surprisingly, demand is high for applications and browser extensions that facilitate managing its contents. Automatic 4K/HD for YouTube, for example, got its five-star ratings and 4.2 million downloads by enabling users to select a permanent video playback quality level and preventing the YouTube platform from selecting a lower quality setting on the user’s behalf, among other features.

Unfortunately, at some point the popular extension apparently opted to ditch its hard-won fame in favor of abusing its fan base, pestering users with unwanted popups. Ironically, it started showing ads (and automatically opening up the page) for a Chrome extension to block ads. The advertised extension is named Adblocker for Chrome – NoAds, and it has more than 6.5 million downloads as of this writing.

This animation shows how adware in the Automatic 4K/HD for YouTube Chrome extension works

The popup ad appeared shortly after newcomers installed Automatic 4K/HD for YouTube, as you can see in the GIF above. Meanwhile, those for whom the extension was usable but then turned into adware say the ads appear at regular intervals, sometimes as often as once an hour.

At the moment, the extension has been removed from the Chrome Web Store, so there won’t be any new victims — at least, not for a while. It’s likely the ban isn’t permanent, though, because the current behavior is annoying but not outright malicious — fortunately, adware doesn’t corrupt your files or steal your data.

Malicious or not, there is nothing good about having unwanted software on your computer. Here’s what to do about it:

  • If you are among the 4.2 million who have this extension installed, the only solution is to remove it. For instructions, click here.
  • In general, keep browser extensions at bay — don’t install too many of them. They affect computer performance, but more important, they are also a potential attack vector, so minimize their number and keep just a few of the most useful.
  • Pay attention to the permissions that extensions require. If an extension already installed on your computer requests a new permission, something is probably going on, so do a bit of research to ensure the extension hasn’t been hijacked or sold.
  • Use a reliable security solution, such as Kaspersky Internet Security, that can neutralize malicious browser extensions, including adware.