+- Geeks for your information (https://www.geeks.fyi)
+-- Forum: News (https://www.geeks.fyi/forumdisplay.php?fid=105)
+--- Forum: Privacy & Security News (https://www.geeks.fyi/forumdisplay.php?fid=107)
+--- Thread: Adblock Plus Filters Can Be Exploited to Run Malicious Code (/showthread.php?tid=6644)
Adblock Plus Filters Can Be Exploited to Run Malicious Code - silversurfer - 16 April 19
Quote:An exploit has been discovered that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, and uBlocker browser extensions to create filters that inject remote scripts into web sites.
With ad blockers having a a user base of over 10 million installs, if malicious scripts were injected it would have a huge impact as they could perform unwanted activity such as stealing cookies, login credentials, causing page redirects, or other unwanted behavior.
For those who are unfamiliar with how ad blockers work, they utilize lists of URLs related to advertisements and malicious behavior and are typically maintained by a small team of people or even a single person. When these lists are loaded by an ad blocking extension, like Adblock Plus, the extension will prevent the browser from connecting to the listed URLs and thus advertisements or malicious scripts are unable to load.
SOURCE: https://www.bleepingcomputer.com/news/security/adblock-plus-filters-can-be-exploited-to-run-malicious-code/
RE: Adblock Plus Filters Can Be Exploited to Run Malicious Code - harlan4096 - 17 April 19
Additional info: https://www.ghacks.net/2019/04/16/adblock-plus-filter-exploit-to-run-arbitrary-code-discovered/
RE: Adblock Plus Filters Can Be Exploited to Run Malicious Code - Deep900 - 17 April 19
I would recommend to use uBlock Origin instead of Adblock.
Thanks for the post silver.