Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

"In a technical analysis shared with ZDNet, AdGuard said all extensions loaded malicious code from the fly-analytics.com domain, and then proceeded to quietly inject ads inside Google and Bing search results."

The original post has some details and recommendations:

https://adguard.com/en/blog/fake-ad-blockers-part-3.html

What I don't quite understand is how do people make money from these things without getting caught? Is it not obvious where the money goes as people are getting paid from the fraud? Or is it more like no one cares?



"What I don't quite understand is how do people make money from these things without getting caught?"

I'm not sure it's illegal. And it's pretty clear Google doesn't care enough to review extensions.


Add

    0.0.0.0 fly-analytics.com
to /etc/hosts


My router has a built in word filterer. So I just added-

analytic, adservice, pixel,doubleclick, googlead,facebook, applauncher, Xiaomi,track, taboola and outbrain.

This only applies to subdomains and domains(due to Https).

So adservice.google.com is blocked but google.com/adservice is allowed.


So you have TrackMania, trackpad, race track blocked?


If those are websites, then no. All websites are opened within my browser. The keyword thing applies only to apps.

My browser (firefox) has DNS over HTTPS built in. So every request goes to cloudflare-dns.com.

My router only sees these requests when I use Firefox - mozilla.cloudflare-dns.com

I use uBlock Origin in Firefox. So I can control whatever I want within the browser.

This a very good approach to adblock on a whole network.


> quietly inject ads inside Google and Bing search results

This is what Google and Bing do already, it's imperceptible to the average user.

Are these 3rd party ad extensions any worse than Google or Microsoft? They all vacuum up your data and show your ads.


Whilst I agree that this makes little to no difference to the average user, it is slightly different. One can sue Google/MS. Google/MS likely already have all your data already while these randoms probably don't. Google/MS have security teams while whoever made these extensions probably doesn't.

A more interesting question would be, if these extension makers where as transparent as Google/MS, where sueable, and had decent security, would these extensions become okay. The answer is obviously no, but I'm not sure why.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: