
Your Favorite Ad Blocker Can Be Exploited To Infect PCs With Malicious Code

by Cyber360 News
November 11, 2019
in Security

In July 2018, the popular Adblock Plus software released version 3.2, which brought a new filter option called $rewrite. This option allowed filter rules to be changed to decide which content got blocked and which didn’t; it was said that some content elements are often difficult to block. The feature was soon implemented by AdBlock as well as uBlock.

In a troubling development, it has been revealed that this filter option can be exploited by malicious actors to inject arbitrary code into web pages. With more than 100 million users of these ad-blocking tools, this exploit has great potential to harm web users.


When the $rewrite feature was introduced, it came with a simple restriction to ensure that it couldn’t be exploited easily. You needed to specify a new URL to replace a particular web request, and the new URL had to be on the same host as the original. For example, you could redirect requests for example.com/ads.gif to example.com/doggos.gif; the host, example.com, remains the same.

So what has changed? What has made $rewrite exploitable?

Under some conditions, it’s possible to exploit web services using $rewrite. For example, when a service uses XMLHttpRequest or Fetch to load code for execution, $rewrite allows those requests to be fulfilled from arbitrary origins.

Keeping these conditions in mind, any ad blocker filter maintainer can create a rogue set of rules that redirects the service to a page with a malicious payload.

According to the findings of researcher Armin Sebastian, Google services such as Google I’m Feeling Lucky, Google Maps, Gmail, and Google Images meet the requirements to be exploitable. The flaw isn’t limited to Google services; other web services could be affected as well.


Sebastian informed Google of the flaw, but his report was closed as “Intended Behavior.”

It’s challenging to detect which rogue filter list operator injected the harmful code. The operator can set a short expiration time for the malicious filter list and even select targets based on IP addresses. Sebastian suggests that ad blockers drop support for the $rewrite feature, and recommends opting for options that don’t support it in the first place.
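
The audit below is an added example, not code from the original article or from any ad-blocker project: it lists every rule in a filter list that uses $rewrite so the rules can be reviewed, and marks targets that do not stay on the original host. It assumes options follow the rule's last "$" as a comma-separated list with the target given as "rewrite=<target>"; the function names and the sample list are constructed for illustration.

```javascript
// Added example: report every filter rule that carries the $rewrite option.
// Assumption: options follow the rule's last "$", are comma-separated, and
// the rewrite target is written as "rewrite=<target>".
const OPTIONS_RE = /\$(~?[\w-]+(?:=[^,]*)?(?:,~?[\w-]+(?:=[^,]*)?)*)$/;

function parseOptions(optionText) {
  const options = new Map();
  for (const part of optionText.split(",")) {
    const eq = part.indexOf("=");
    const name = (eq === -1 ? part : part.slice(0, eq)).toLowerCase();
    options.set(name, eq === -1 ? "" : part.slice(eq + 1));
  }
  return options;
}

function auditFilterList(text) {
  const findings = [];
  text.split(/\r?\n/).forEach((raw, index) => {
    const rule = raw.trim();
    // Skip blanks, comments ("!"), the list header ("[") and element-hiding rules.
    if (!rule || /^[!\[]/.test(rule) || /#@?\??#/.test(rule)) return;
    const match = OPTIONS_RE.exec(rule);
    if (!match) return;
    const options = parseOptions(match[1]);
    if (!options.has("rewrite")) return;
    const target = options.get("rewrite");
    findings.push({
      line: index + 1,
      pattern: rule.slice(0, match.index),
      target,
      // Path-only targets keep the original host; "//" or a scheme names another.
      staysOnSameHost: target.startsWith("/") && !target.startsWith("//"),
      domains: options.has("domain") ? options.get("domain").split("|") : [],
    });
  });
  return findings;
}

// Constructed sample list (not taken from any real filter list).
const SAMPLE_LIST = [
  "[Adblock Plus 2.0]",
  "! Title: constructed sample",
  "||example.com/banner.png",
  "example.com##.ad-box",
  "||example.com/ads.gif$rewrite=/doggos.gif,domain=example.com",
  "||example.com/loader.js$script,rewrite=//other.example/x.js",
].join("\n");

console.log(auditFilterList(SAMPLE_LIST));
```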
