Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Google cracks down on ad-injecting Chrome extensions

Lucian Constantin | April 2, 2015
Google has identified and disabled 192 Chrome browser extensions that injected rogue ads into Web pages opened by users without being upfront about it. The company will scan for similar policy violations in future.

Computers on a local network are typically configured to pass DNS lookup requests to the network's router, which then passes those queries to DNS servers run by the ISP. If attackers manage to replace the DNS servers configured on a router with rogue servers they control, they can then spoof websites.

In the attack reported by AraLabs, hackers used this router-based DNS hijacking technique to intercept browser requests to google-analytics.com, a popular Web analytics service run by Google, and to serve malicious JavaScript code that injected rogue ads into websites when viewed by users behind the compromised routers.

Such network layer attacks that happen outside the computer are almost impossible to detect by antivirus software, the browser, Google or the victims themselves.

The problems go even higher up the chain, to the legitimate advertising networks that place ads on websites. Cybercriminals frequently manage to trick these networks or their partners into distributing malicious ads, which then end up on popular websites and infect users with malware.

These attacks, collectively known as malvertising, have been going on for years with no end in sight. Ad networks repeatedly claim that they have defenses to prevent such incidents, but time and time again attackers find a way to bypass them. The scale of the problem even prompted harsh criticism by the U.S. Senate and calls for increased regulation of online advertising practices.

The fact that Google has begun scanning Chrome extensions for deceptive ad injecting behavior is a good thing, even though it comes years after security researchers warned about such threats. But, it's also worth keeping in mind that rogue browser extensions are just a small part of the problem.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.