When consumers install software on their devices, they often perform some sort of risk evaluation, even if they don’t consciously realise it. They might consider who provides the software, whether it is from an app-store, what social media says, and whether they have seen any reviews. But what if once a piece of software had been installed, the goalposts moved, and something that was a genuine software tool at the time of installation turned into a piece of malware overnight.
This is what happened to approximately 300,000 active users of Chrome ad blocking extension Nano Adblocker. You see, at the beginning of October, the developer of Nano Adblocker sold it to another developer who promptly deployed malware into it that issued likes to hundreds of Instagram posts without user interaction. There is some suspicion that it may have also been uploading session cookies.