DrinkLyeAndDie
Retired Moderator
Thread Starter
- Joined
- Jan 28, 2007
- Messages
- 11,822
- Likes
- 468
Just an FYI.
Source: Naked Security by Sophos
Ad blocker firms rush to fix security bug
by Danny Bradbury
Source: Naked Security by Sophos
Ad blocker firms rush to fix security bug
by Danny Bradbury
If you’re using an ad blocker to filter out online commercials, then beware: You might be vulnerable to a new attack revealed on Monday that enables hackers to compromise your browser.
The vulnerability, discovered by security researcher Armin Sebastian, affects Adblock, Adblock Plus, and uBlock (but not uBlock Origin). It stems from a filtering option introduced into the ad blockers in July 2018. The option allowed the programs to rewrite web requests, cleaning them of tracking data.
[...]
For the attack to work, the browser must visit another server after hitting a legitimate web page. Hackers can force that if the server allows open redirects. This is when the server takes a URL as input from the client and redirects to it, no matter what it is.
An attacker can also get their executable code into the browser via the $rewrite function if they can get it onto the legitimate web page. That’s possible if the server lets the user post their own content (such as in a comments section or social media timeline) and doesn’t use proper input validation to check the post for malicious commands.
Finally, for the attack to work, the server must not restrict where it can fetch content from. It must not validate the final request URL either, because the attacker will have tampered with it.
These conditions aren’t as rare as you’d think; Sebastian created an example of a malicious filter that would redirect requests to Google Maps to Google’s I’m Feeling Lucky. The filter then executes code that displays an alert box.
[...]