Android win32 fake ad blocker and

How to block ads on Android, with root and without root

Nobody likes ads, including your very own, whose livelihood depends on an ad-supported internet experience. Yet, it’s hard to imagine a world without ads. Ads are the reason why we can access many of the most popular websites, services, and apps without paying a single penny. It’s not that ads are fundamentally bad — when done right, ads can be entertaining, engaging, and genuinely useful. It’s just that many websites and apps can be short-sighted at times and engage in shady ad practices to boost their revenue.

We’ve all come across annoying websites that take us on a bumpy redirecting rollercoaster ride without our consent. And those in-app ads covering the entire display of your phone or computer and basically hijacking us by disabling the back button can especially be annoying. It’s practices like these that earn ads a bad name.

While we can’t wipe out these nasty ads from the face of the earth, we can certainly wipe them clean from your Android device. Let us present to you some of the most powerful tools Android users have at their disposal that will make sure you never see the sight of ads.

Removing ads affects the internet ecosystem and the monetization ability of many businesses. If you frequently use certain apps, websites, and services, consider subscribing to their paid services or adding them to a whitelist. Help them continue to be useful to you.

Some of these tools require root access, but you won’t need it at all in most cases. The Android ad-blocking tools come in all shapes and sizes, with each having varying degrees of effectiveness and use case. Let’s review them one by one to help you find the one that works the best for you.

Changing the DNS to Block Ads on Android

One of the easiest ways to block ads on Android smartphones is by changing to an ad-blocking service’s private DNS provider. This method requires no apps, but it only works on Android phones with Android 9 Pie and above, as the Private DNS setting was introduced with this version of the OS.

To change the DNS, go to Settings > Network and Internet > Advanced > Private DNS. Choose the option Private DNS Provider Hostname, and enter “dns.adguard.com” or “us.adhole.org“, and hit Save. That’s it. You’ll no longer see any in-app ad banners, nor any advertisements on web browsers.

On some phones, the path to change the Private DNS may be different. If your phone UX has a search bar, simply search for Private DNS to land on the relevant settings page.

AdLock

AdLock is a blocking solution that has options for PC and Android. It’s an easy way to block in-game ads or browser ads while using your phone. You’ll even have the option to block specific websites and filter all of your traffic through HTTPS secure filtering.

Thanks to AdLock for sponsoring this part of the article.

AdAway

If you have root access, there’s no better solution than AdAway. It has a non-root mode as well, but it works best with root. AdAway uses a hosts file to block ad-serving hostnames. What it essentially does is keep an updated list of ad networks and redirects them to 127.0.0.1 (your own phone), so these requests go nowhere, and no ads can be served. The best part is it blocks out both browser and in-app advertisements. Setting up the service is very straightforward.

The service comes with three sources with over 90,000 user-verified hosts, with new hosts regularly being added to the list. If some ads still seep through, you can use the DNS logging feature to record the outgoing DNS requests and manually add them to the “hosts” file. But even without touching any of these or getting too technical, AdAway effectively blocks out most ads, if not all, across apps and websites.

AdAway is free and open-source and in active development. If you want to give it a try, head over to the project’s GitHub or grab the latest APK from the official XDA thread linked below.

Источник

Зловреды начали выдавать себя за «блокировщики» рекламы на Android-устройствах

Эксперты в области кибербезопасности установили, что некоторые приложения, которые выдают себя за блокировщики рекламы на Android, на самом деле являются вредоносными программами. Если установить такое приложение, то оно начинает «спамить» рекламными объявлениями.

Зловред получил название FakeAdsBlock, так как в названиях многих таких программ встречается сочетание Ads Blocker.

Приложения распространяются через сторонние магазины приложений. Их, как правило, скачивают те, кто хочет смотреть видео без рекламы. Фейк при установке запрашивает разрешение на показ контента поверх остальных окон, либо на отображение виджета и установку VPN-соединения.

В итоге приложение получает возможность постоянно работать в фоновом режиме и исчезает с рабочего стола, после чего на устройство начинают приходить рекламные объявления. Реклама может появляться как при заходе в браузер, так и поверх виджета мобильного экрана.

Определить, что зловред установлен и работает, можно по строке состояния, где появляется значок ключа.

Кроме того, появляется пустое белое поле для уведомлений, скрытое на виду. Если нажать на него, то оно попросит разрешения установить неизвестные приложения с помощью кнопки-переключателя «Разрешить из этого источника». В этом случае источником установки является именно вредоносная программа, и нажатие может привести к установке еще большего числа зловредов.

Удалить приложение можно, лишь обнаружив его местоположение в хранилище.

Источник

Fake Ad Blockers 2: Now with Cookies and Ad Fraud

— OK, Google, I use Chrome, and I’d like to get an ad blocker for it.
— Sure, head to Chrome Web Store, there are literally hundreds of ad blockers there!
— Hmm, hundreds you say? Is it safe? I heard that last year a lot of them appeared to be fake and malicious!
— No worries, we are going to limit the power of ad blockers soon, this will definitely help!
— Oh, really? That’s cool, thank you! I’ll grab one from the top of the search results. This «AdBlock» by «AdBlock, Inc» looks legit. It has a privacy policy, it has over 800,000 users, and it is from a German company. Or maybe I’ll try this «uBlock» by «Charlie Lee»? Five stars rating, 850,000 users, it must be good as well.

Stop right there!

This «AdBlock» is fake and malicious, and the «uBlock» one is the same. And there are many more not so popular deceptive clones there. How do I know that? I spent quite some time inspecting their code trying to figure out what they do. The real question is, how could you (a casual user) know it?

Here is the legit AdBlock extension followed by its clones

What’s wrong with them?

For starters, they are using the names of two other very popular ad blockers, and this alone is deceitful and simply not right and should be enough. However, despite multiple reports, these extensions are still not removed.

Apparently, ethical issues and deception cannot be a reason for extension removal. Let’s get to the next part then — malicious behavior.

Here goes the technical explanation. Skip to the next part if you’re not a developer.

At first, these add-ons just do what they’re supposed to do — they block ads. They both are based on the code of the original «AdBlock» extension so the quality is good enough.

Periodically, they send a request like this:

At first glance, the server response looks innocent:

However, about 55 hours after the installation, the response suddenly changes, and it does not look that innocent anymore.

This new response contains a list of commands for the extension to execute. After that the extensions’ behavior changes, and they start doing a few more things besides ad blocking.

They now send a request to urldata.net for each new visited domain. For instance, if you visit teamviewer.com , they’ll send a request like this:

The response to this request contains a special URL:

The extensions will immediately open that URL in the background. A chain of redirects follows this request:

The last request in the chain is:

What’s going on here, you’d ask? Apparently, this address belongs to Teamviewer’s affiliate program. In response, your browser receives a special «affiliate» cookie. Now if you make a purchase on teamviewer.com the extensions owner will be paid a comission by Teamviewer.

This technique is known as Cookie stuffing, and this is basically an ad fraud scheme.

There are many more affiliate links they are using for this. Here’s just a small part I’ve been able to extract in 30 minutes. Here are some notable victims: microsoft.com , linkedin.com , aliexpress.com , booking.com , and many more.

Another interesting thing about this extension is that it contains some self-protection mechanisms. For instance, it detects if the developer console is open, it ceases all suspicious activity at once.

Summary

• Both fake AdBlock and uBlock deceive users by using names of legitimate popular ad blockers.
• They have not been taken down by Google despite multiple reports about deceptive naming.
• The real purpose of these extensions is Cookie stuffing — an illegal ad fraud scheme.
• The scale is unprecedented. These two add-ons have more than 1.6 Million «weekly active users», who were stuffed with cookies of over than 300 websites from Alexa Top 10000. It is difficult to estimate the damage, but I’d say that we are talking about millions of USD monthly.

Actually, there’s a bright side to it. Now that this fraud scheme is uncovered, affiliate programs’ owners can follow the money trail and find out who is behind this scheme. Sentences for cookie stuffing are real so there’s a chance that the developers of these extensions will be held responsible.

The problem of fake extensions

This problem is not new, and similar cases were reported before. However, despite that, I see no effort from Google to resolve this. It seems that the situation is even worse now. At least fake blockers had to invent a new name before. Now, as you can see, they don’t even bother to do that!

It’s not only regular users who fall for their tricks. For instance, here is the fake «AdBlock» on the list of ad blockers recommended by androidcentral.com:

Excerpt from the review on Android Central

Is this problem unique to Chrome WebStore? Well, not really. For instance, an AdGuard rip-off has even got a «recommended» badge on Mozilla Add-ons despite multiple reports on the unethical behavior (1, 2). Well, at least it did not try to use our name.

How can this situation be improved?

You might have heard about the solution Google proposed called «Manifest V3». They say that limiting extensions capabilities will improve the overall performance, security and privacy.

Will it, though? While I kinda agree with the performance point, I don’t see how it can help with the other two. For instance, it would do no harm to these two add-ons — cookie stuffing is still possible in this scenario.

In fact, I fully agree with what EFF proposes:

In order to truly protect users, Google needs to start properly enforcing existing Chrome Web Store policies.

Somewhere at Google office

How can you protect yourself?

As you can see, even journalists sometimes fall for the fakes so this is a difficult question. A year ago I’d have said that the recipe is simple — install extensions only from the developers you trust.

The situation is now worse than before so I’d like to add a couple of things to the list of recommendations, at least until things somehow change:

1. If you’re going to install a browser extension, think again. Maybe you don’t really need it?
2. Don’t believe what you read in the extension’s description. Be aware that there’s almost no review process, and this can easily be a fake.
3. Reading the users’ reviews won’t help as well. These two extensions had excellent reviews and yet they were malicious.
4. Don’t use the WebStore internal search, install extensions from the trusted developers’ websites directly.

UPD (Sep 18th):
Both malicious extensions we mentioned in this article are currently blocked in Chrome. While this is undoubtedly good news, Google needs to do much, much more to prove they really care about their users’ safety.

Источник

How To Block Ads In Android Apps, Games And Browsers

Ads are a necessary evil. Many websites and applications are providing you with free service, free content and free software because someone else is paying them to keep them up. Thus, the service provider has to serve ads to you in return for the income that is keeping them in business, and in development. As the user, you reap the benefit of using the product for free.

However, sometimes the ad placements can be really annoying, contributing to not-so-appealing user experience. In this post we will look at methods to block ads from showing up on Android. You can block ads from appearing in apps and games, or only on browsers.

The methods here may work for both rooted and non-rooted devices. It will be specified for each method. Before we begin, you need a File Manager, e.g. Astro File Manager. Any other file manager will work fine.

Disclaimer: Attempt ad-blocking at your own risk. We cannot be held responsible for any effects on your device resulting from these methods.

1. Adblock Plus (ABP)

This method uses ad-blockers (apps) to block all ads in your device, including the ads shown in various apps and games. There are many ad-blockers for Android, thanks to the ever-growing Android developers. The top two would be Adblock Plus (ABP) and AdAway; we wil discuss the former, but you can install AdAway if that’s your preference.

Using Adblock Plus

We’re going with Adblock Plus as it is an open source project and has the option to allow non-intrusive ads. This method works for both rooted and non-rooted devices. Installing an ad-blocker app requires your device to allow applications from unknown sources.

Sideloading is required as Google has removed ad-block apps from Google Play Store. You need to sideload any ad-blocker, i.e. install ad-blockers using its APK file and not from Google Play Store.

Follow the given steps to set this configuration:

1. Go to Settings >Applications (or Security on 4.0 and above) on your Android device.
2. Navigate to the Unknown sources option.
3. If unchecked, tap the checkbox, and then tap OK on the confirmation popup.

Your Android device is ready to install ad-blockers.

Installing And Configuring Adblock Plus

1. Open a browser in your device and download Adblock Plus for Android. Your device will receive the APK file: adblockplusandroid-version.apk.

2. Navigate to where your downloaded files are kept, then tap on the file and install. (If you open the APK file using a file manager, select Open App Manager and then click on Install.)

3.1 On rooted devices: after installing, open Adblock Plus. It will request for super user permissions. Allow super user permissions to Adblock Plus and you are good to go.

3.2 On non-rooted devices: you need a few more steps, to manually set up proxy in your Android. You will need to follow the instructions here as instructions are different for Android versions up to 3.1 and 4.0+.s

Now Adblock Plus will start blocking ads. You can set more options in Adblock Plus like ads filter lists, non-intrusive ads, etc in Settings.

Adblock Plus – Browser Extension

Adblock Plus is also available as a browser extension for Firefox. With this method, only the ads shown on web pages inside the browser are blocked. Ads in apps or games are not affected. This method works for rooted as well as non-rooted devices.

Setting Up Adblock Plus (Extension)

1. If you are not using Firefox as a browser on your Android yet, get it here. Run the browser on your device and go to the Adblock Plus add-on here. Add it to Firefox and Install it.

2. Restart Firefox and browse ad-free. You can set more options in Adblock Plus by going to the Menu > Adblock Plus and going through the options you can configure.

2. Block Ads using ‘hosts’ file

This method uses ‘hosts’ file to block ads. This method blocks all ads in your device, including the ones shown in various apps and games. This method works only for rooted devices.

What is a ‘hosts’ file?

‘hosts’ file is a plain-text file in an operating system to map hostnames (like anything.com) to its IP address. Whenever you try to launch a website using its hostname, the operating system will usually search the ‘hosts’ file to find the corresponding IP address first.

If the search is successful, then its mapped IP address is used; otherwise a query is sent to DNS (Domain Name Service) to find the IP address of that hostname.

Setting Up ‘hosts’ file

1. On the computer, open MVPS (or pgl.yoyo.org or hostfile.mine.nu) on your browser. A plain-text page will open. Save this page as the name hosts in the computer.

2. Using Bluetooth or a USB connection, copy this hosts file from your computer to your Android device. Note the file path.

3. On your Android, open the file manager in your device and copy the hosts file to /etc or /system/etc. Accessing this location may require you to ‘allow super user permissions’ to the file manager.

4. Rename the original hosts file (if present) to a .txt or .bak extension. Paste the saved hosts file here. Reboot your Android and your Android is now ad-free.

Wrap Up

Although ads are annoying, they are also a great way to try out new apps, products or sites. Allowing non-intrusive ads is a way to be exposed to these new and sometimes great apps via ads. Alternatively many apps offers you the option to buy an ad-free version of the app, so you can support your favorite apps without being annoyed by the ads.

Источник