News

Hackers can use Adblock Plus filters for storage of malware code

In popular advertisement blocker Adblock Plus is found vulnerability that allows organization of JavaScript-code performance.

JS-code can be executed in case of usage unchecked filter, adopted by intruders (for instance, while connection to list side rules or through the substitution of rules in MITM-attack).

Authors of lists with filter sets can organize performance of their code in context of web-sites that user opens through adding lines with “rewrite” operator that makes substitution of URL-part. Rewrite operator does not enable substituting of a host in URL though allows freely manipulate with inquiry arguments. Substitution by tags as script, object and subdocument is blocked but text can be used for replacement.

Nevertheless, code performance can be achieve another way. Some websites, including Google Maps, Gmail and Google Images, apply technique of dynamic JavaScript-blocks download that is transited in a form of naked text. Except hosts that enables redirecting, attack can also be accomplished against services that allows users’ content accommodation.

Suggested method involves only pages that dynamically download lines with JavaScript code and then perform them. Another important limitation is necessity of redirect using or placement of random data on a page of initial server that gives resource.

Fixing of an issue is on a preparatory stage. Adblock and uBlock also encounter this problem.

Adblock Plus developers assess possibility of real attacks as low as they censor all changes in service rules list and seldom practice connection of side lists.

Source: www.adblockplus.org/blog

Polina Lisovskaya

I works as a marketing manager for years now and loves searching for interesting topics for you

Recent Posts

Remove News-bhexusa.xyz Pop-up Ads

About News-bhexusa.xyz News-bhexusa.xyz pop-ups can not open out of nowhere. If you have clicked on…

6 hours ago

Remove News-bhupotu.xyz Pop-up Ads

About News-bhupotu.xyz News-bhupotu.xyz pop-ups can not launch out of the blue. If you have clicked…

6 hours ago

Remove News-bhocime.info Pop-up Ads

About News-bhocime.info News-bhocime.info pop-ups can not open out of the blue. If you have actually…

7 hours ago

Remove You-hub.online Pop-up Ads

About You-hub.online You-hub.online pop-ups can not launch out of nowhere. If you have clicked on…

7 hours ago

Remove News-bhecudu.live Pop-up Ads

About News-bhecudu.live News-bhecudu.live pop-ups can not introduce out of the blue. If you have clicked…

7 hours ago

Remove News-bhiciwe.today Pop-up Ads

About News-bhiciwe.today News-bhiciwe.today pop-ups can not introduce out of the blue. If you have clicked…

7 hours ago