Over 20 Million Users  have been Installing Malicious Ad Blockers From Chrome Store
If you have installed any of the below-mentioned Ad blocker extension in your Chrome browser, you could have been hacked.

  • AdRemover for Google Chrome™ (10 million+ users)
  • uBlock Plus (8 million+ users)
  • [Fake] Adblock Pro (2 million+ users)
  • HD for YouTube™ (400,000+ users)
  • Webutation (30,000+ users)

“All the extensions I’ve highlighted are simple rip-offs with a few lines of code and some analytics code added by the authors,” Meshkov says. After Meshkov reported his findings to Google on Tuesday, the tech giant immediately removed all of the following mentioned malicious ad blockers extension from its Chrome Store:

Security researchers have been warning publicans who uses andriod phones about an ongoing malware campaign hijacking Internet routers to distribute Android banking malware that steals users’ sensitive information, login credentials and the secret code for two-factor authentication. In order to make a successful attack,Hackers trick victims into installing the Android malware, dubbed Roaming Mantis, hackers have been hijacking DNS settings on vulnerable and poorly secured routers. DNS hijacking attack allows hackers to intercept traffic, inject rogue ads on web-pages and redirect users to phishing pages designed to trick them into sharing their sensitive information like login credentials, bank account details, and more.

If installed, the malicious app overlays all other windows immediately to show a fake warning message (in broken English)

And After the user enters their name and date of birth, the browser is redirected to a blank page at http://127.0.0.1:${random_port}/submit,” researchers said. “Just like the distribution page, the malware supports four locales: Korean, Traditional Chinese, Japanese and English.

You are advised to ensure your router is running the latest version of the firmware and protected with a strong password.

You should also disable router’s remote administration feature and hardcode a trusted DNS server into the operating system network settings.