Menu
EN
AdGuard Blog Popular Chrome extensions, including ad blockers, got hijacked. Learn how to protect yourself

Popular Chrome extensions, including ad blockers, got hijacked. Learn how to protect yourself

March 21, 2025 3 min read

In February 2025, GitLab Threat Intelligence team identified at least 16 malicious Chrome extensions affecting over 3.2 million users. These extensions used to be legit, installed through official browser stores from the trusted developers, but were later corrupted via malicious ‘updates’.

The investigation has determined that this attack originated from compromised developer accounts. Some developers stopped supporting their extensions beforehand, thus losing control over them, while others, still in charge, were likely deceived through the phishing kits.

Malicious extension updates introduced hidden scripts that covertly stole data, modified web requests, and injected ads into websites. These changes largely went unnoticed by users, as they had already granted the necessary permissions, allowing attackers to manipulate web content and user interactions seamlessly.

What risks do users face?

It is unclear what damage was caused by this particular malicious campaign, but permissions such as ‘host access’ and ‘scripting controls’ pose significant risks, as they enable the extraction of sensitive information, including credit card details, login credentials, authentication tokens, and cookies — potentially granting attackers control over user accounts or access to private messages.

Extensions can also modify webpage content in real time, creating opportunities for fraud, such as altering transaction details on banking websites to mislead users. Additionally, attackers can inject advertisements, redirect users to phishing sites, or generate fake clicks to exploit ad revenue.

The users of the affected extensions left multiple comments in the Chrome Web Store, suggesting that the extensions had gone rogue at some point. Among other things, the users noticed strangely placed ads, affiliate IDs added to service links, and issues with console.log — a built-in function used for debugging and code analysis:

Reviews
Source: GitLab Security Tech Notes

Ad blockers and the matter of trust

A total of 16 extensions were compromised, their full list available on the research page. What stood out to us, however, was that three of these were ad blockers (Adblocker for Chrome — NoAds, Adblock for You, and Adblock for Chrome).

As an ad blocker ourselves, we find this particularly concerning. Five years ago, we exposed 'fake' ad blocking extensions engaged in cookie stuffing for ad fraud. These extensions, controlled remotely, silently injected affiliate cookies into users' browsers. Critically, some of those extensions were so-called 'time bombs,' poised for more malicious actions once given a further command from a remote server. So, bottom line: choosing a trustworthy ad-blocking solution is paramount; the consequences of a poor choice can be severe.

In this case, the extension developers had no malicious intent. Their extensions were originally safe but later compromised by threat actors. However, as a general precaution, we once again recommend following these guidelines:

  • Only install extensions from reputable sources, such as official stores or verified websites
  • Research the developer before installing
  • Review the privacy policy to understand data usage
  • Be cautious when granting permissions, especially if an extension requests excessive access
  • Regularly remove extensions you no longer use to minimize the risk of malicious updates

Users often grant permissions without fully understanding their implications, especially if an extension appears useful or reputable. Once granted, these permissions remain in effect until the extension is removed, allowing attackers to exploit them over time. And as we can see, since extensions update automatically, a trusted extension can later introduce malicious updates, compromising user security without notice.

Now, the affected extensions have already been removed from the Chrome store, but users should also remove them from their devices and stay vigilant to protect themselves from similar incidents in the future.

Check this issue of our TechTok series to learn more about how to determine which apps and extensions are to be trusted. Stay alert and prioritize security in your choices!

Liked this post?
March 21, 2025 3 min read Industry news
Daria Magdik Daria Magdik

Recommended articles
18,573 18573 user reviews
Excellent!

AdGuard for Windows

AdGuard for Windows is more than an ad blocker. It is a multipurpose tool that blocks ads, controls access to dangerous sites, speeds up page loading, and protects children from inappropriate content.
By downloading the program you accept the terms of the License agreement
Read more
18,573 18573 user reviews
Excellent!

AdGuard for Mac

AdGuard for Mac is a unique ad blocker designed with macOS in mind. In addition to protecting you from annoying ads in browsers and apps, it shields you from tracking, phishing, and fraud.
By downloading the program you accept the terms of the License agreement
Read more
18,573 18573 user reviews
Excellent!

AdGuard for Android

AdGuard for Android is a perfect solution for Android devices. Unlike most other ad blockers, AdGuard doesn't require root access and provides a wide range of app management options.
By downloading the program you accept the terms of the License agreement
Read more
18,573 18573 user reviews
Excellent!

AdGuard for iOS

The best iOS ad blocker for iPhone and iPad. AdGuard eliminates all kinds of ads in Safari, protects your privacy, and speeds up page loading. AdGuard for iOS ad-blocking technology ensures the highest quality filtering and allows you to use multiple filters at the same time
By downloading the program you accept the terms of the License agreement
Read more
18,573 18573 user reviews
Excellent!

AdGuard VPN

72 locations worldwide

Access to any content

Strong encryption

No-logging policy

Fastest connection

24/7 support

Try for free
By downloading the program you accept the terms of the License agreement
Read more
18,573 18573 user reviews
Excellent!

AdGuard Content Blocker

AdGuard Content Blocker will eliminate all kinds of ads in mobile browsers that support content blocker technology — namely, Samsung Internet and Yandex.Browser. While being more limited than AdGuard for Android, it is free, easy to install and still provides high ad blocking quality.
By downloading the program you accept the terms of the License agreement
Read more
18,573 18573 user reviews
Excellent!

AdGuard Browser Extension

AdGuard is the fastest and most lightweight ad blocking extension that effectively blocks all types of ads on all web pages! Choose AdGuard for the browser you use and get ad-free, fast and safe browsing.
Read more
18,573 18573 user reviews
Excellent!

AdGuard Assistant

A companion browser extension for AdGuard desktop apps. It offers an in-browser access to such features as custom element blocking, allowlisting a website or sending a report.
Read more
18,573 18573 user reviews
Excellent!

AdGuard DNS

AdGuard DNS is a foolproof way to block Internet ads that does not require installing any applications. It is easy to use, absolutely free, easily set up on any device, and provides you with minimal necessary functions to block ads, counters, malicious websites, and adult content.
Read more
18,573 18573 user reviews
Excellent!

AdGuard Home

AdGuard Home is a network-wide software for blocking ads & tracking. After you set it up, it’ll cover ALL your home devices, and you don’t need any client-side software for that. With the rise of Internet-Of-Things and connected devices, it becomes more and more important to be able to control your whole network.
Read more
18,573 18573 user reviews
Excellent!

AdGuard Pro for iOS

AdGuard Pro has much to offer on top of the excellent iOS ad blocking in Safari already known to the users of the regular version. By providing access to custom DNS settings, the app allows you to block ads, protect your kids from adult content online, and safeguard your personal data from theft.
By downloading the program you accept the terms of the License agreement
Read more
18,573 18573 user reviews
Excellent!

AdGuard for Safari

Ad blocking extensions for Safari are having hard time since Apple started to force everyone to use the new SDK. AdGuard extension is supposed to bring back the high quality ad blocking back to Safari.
Read more
18,573 18573 user reviews
Excellent!

AdGuard for Android TV

AdGuard for Android TV is the only app that blocks ads, guards your privacy, and acts as a firewall for your Smart TV. Get warnings about web threats, use secure DNS, and benefit from encrypted traffic. Relax and dive into your favorite shows with top-notch security and zero ads!
Read more
18,573 18573 user reviews
Excellent!

AdGuard for Linux

AdGuard for Linux is the world’s first system-wide Linux ad blocker. Block ads and trackers at the device level, select from pre-installed filters, or add your own — all through the command-line interface
Read more
18,573 18573 user reviews
Excellent!

AdGuard Temp Mail

A free temporary email address generator that keeps you anonymous and protects your privacy. No spam in your main inbox!
Read more
18,573 18573 user reviews
Excellent!

AdGuard Mail β

Protect your identity, avoid spam, and keep your inbox secure with our aliases and temporary email addresses. Enjoy our free email forwarding service and apps for all operating systems
Use web version
Microsoft Store
App Store
App Store
Google Play
Downloading AdGuard To install AdGuard, click the file indicated by the arrow Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, drag the AdGuard icon to the "Applications" folder. Thank you for choosing AdGuard! Select "Open" and click "OK", then wait for the file to be downloaded. In the opened window, click "Install". Thank you for choosing AdGuard!
Install AdGuard on your mobile device