Ad blockers could be exposing you to hackers with this exploit

An exploit in the filter systems key to the inner workings of Adblock, Adblock Plus and uBlock could be used to inject code into web pages that could pinch your credentials, tamper with sessions or even redirect pages.

This is bad news for users, and security researcher Armin Sebastian, who found the vulnerability, suggests that as many as 100m monthly active users could be at risk if anyone were to take advantage of the exploit, which Sebastian highlights as “trivial.”

Filter lists are a core part of ad-blocking software, because they allow ad blockers to keep a list of malicious, suspicious or ad-heavy URLs. Installing an ad blocker lets these filter lists do the driving, as the software uses the lists to block certain content from loading.

The filter option was introduced with the release of Adblock Plus 3.2 back in July 2018, and was then rolled out to Adblock and the Adblock-owned uBlock. This is all well and good: the $rewrite filter option that was introduced late last year is used by several ad blockers to remove tracking data and prevent websites from trying to get around the ad-blocking software.

However, it appears that arbitrary code can sometimes be injected when domains load JS strings using XMLHttpRequest or Fetch to download code snippets for execution.
The exploit needs both of these things, but also needs the following to be true: “The origin of the fetched code must have a server-side open redirect or it must host arbitrary user content.”

To show an example of this, Sebastian suggests a way to use Google Maps to carry out the exploit. When he reported this exploit to Google, Google explained it was intended behaviour, and that the behaviour is the fault of the ad-blocking software.

“The feature is trivial to exploit in order to attack any sufficiently complex web service, including Google services, while attacks are difficult to detect and are deployable in all major browsers,” says Sebastian in a blog post detailing the flaw.

He advises that the ad-blocking outfits drop support for the $rewrite function, but in the meantime he suggests users mitigate the risk to themselves by using uBlock Origin, which doesn’t contain the $rewrite function.
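Because the risk described above arrives through subscribed filter lists, one practical check is to audit a list for rules that carry the $rewrite option. The script below is an added example, not code from the article, from Sebastian's post or from any ad blocker; the function name `find_rewrite_rules`, the simplified option-parsing pattern and the sample list (placeholder hosts and paths) are assumptions made for illustration.

```python
import re

# Trailing "$opt1,opt2=value" block of a blocking filter. Simplified pattern
# (an assumption of this example, not copied from any ad blocker's source);
# option values that themselves contain commas are not handled.
OPTIONS_RE = re.compile(r"\$(~?[\w-]+(?:=[^,]*)?(?:,~?[\w-]+(?:=[^,]*)?)*)$")
# Element-hiding and snippet separators: such rules carry no request options.
COSMETIC_RE = re.compile(r"#[@?$]?#")


def find_rewrite_rules(filter_list_text):
    """Return (line_no, rule, rewrite_target, domains) for each $rewrite rule."""
    findings = []
    for line_no, raw in enumerate(filter_list_text.splitlines(), start=1):
        rule = raw.strip()
        # Skip blanks, comments ("!") and list headers ("[Adblock Plus 2.0]").
        if not rule or rule.startswith(("!", "[")):
            continue
        if COSMETIC_RE.search(rule):
            continue
        match = OPTIONS_RE.search(rule)
        if not match:
            continue
        target, domains = None, []
        for option in match.group(1).split(","):
            name, _, value = option.partition("=")
            if name.lower() == "rewrite":
                target = value
            elif name.lower() == "domain":
                domains = value.split("|")
        if target is not None:
            findings.append((line_no, rule, target, domains))
    return findings


# Constructed sample list; hosts and paths are placeholders.
SAMPLE_LIST = r"""[Adblock Plus 2.0]
! Title: constructed sample list
||ads.example.net^$third-party
example.org##.ad-banner
||cdn.example.com/lib/widget.js$rewrite=/static/other.js,domain=example.com
/^https:\/\/example\.com\/price\$\d+/$script
||tracker.example.net/pixel.gif$image,rewrite=/blank.gif
"""

if __name__ == "__main__":
    for line_no, rule, target, domains in find_rewrite_rules(SAMPLE_LIST):
        scope = ", ".join(domains) or "any site"
        print(f"line {line_no}: rewrites to {target!r} on {scope}: {rule}")
```

Any rule it reports deserves a manual look at which requests it matches and where they are redirected before the list is trusted.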