Using Vulnerable Ad Blockers Could Get You Hacked


To combat annoying advertisements, a robust ad blocker such as Adblock Plus, Adblock or uBlock can seem imperative for some. However, such tools can themselves pose a threat to your online security. A researcher found a vulnerability in an Adblock Plus filter option that could let a potential attacker execute arbitrary code during browsing sessions.

Adblock Plus Filter Allows Arbitrary Code

A researcher has found an Adblock Plus filter vulnerability. As reported, this filter allows arbitrary code injection in web pages. This allegedly exposes users to malicious code during browsing sessions.

The researcher, Armin Sebastian, publicly shared his findings along with the technical attack details in a blog post. According to his discovery, the problem lies in the rewrite filter option introduced in 2018 with Adblock Plus version 3.2. This option supposedly enables filter list maintainers and browser extension developers to inject code into web pages.

“The filter option empowers extension publishers and filter list operators to attack specific users on the fly, without the need to release a malicious version of the extension, or publish the offending filter to a public filter list that is easily auditable.”

Sebastian reported that the affected extensions presently have over 100 million active users. He also states that exploiting this feature is trivial for a potential threat actor. He publicly disclosed the matter to ensure the fastest possible mitigation.

Since Adblock and uBlock also implemented the same filters, these two are also vulnerable. However, uBlock Origin remains unaffected by this attack.

Adblock Plus Responds To The Matter

After Sebastian’s blog post surfaced online, Adblock Plus quickly responded to it. In an updated article, they acknowledged the existence of the flaw. However, they deemed it an ‘unlikely scenario’, considering their regular monitoring of the filter lists and their vetting process for all filter list authors. They also stated there was no known active abuse of the rewrite filter option, marking Adblock Plus users safe from such threats.

Nonetheless, they considered Sebastian’s suggested mitigations and decided to remove the rewrite filter option.

“Despite the actual risk being very low, we have decided to remove the rewrite option and will accordingly release an updated version of Adblock Plus as soon as technically possible.”

They are also considering implementing more security features, such as limiting filter lists to HTTPS.
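
A defensive check that follows from the mitigations discussed above, added here as an example (it is not code from Adblock Plus or from Sebastian's post): it scans subscribed filter lists for rules that use the rewrite option and flags lists fetched over plain HTTP. It assumes the option appears as `rewrite=` among the `$` options of a network filter; the list URLs and rules below are constructed samples.

```python
import re
from urllib.parse import urlparse

# Trailing "$opt1,opt2=value" block of a network filter (Adblock Plus filter syntax).
OPTIONS_RE = re.compile(r"\$(~?[\w-]+(?:=[^,]*)?(?:,~?[\w-]+(?:=[^,]*)?)*)$")
# Element hiding / snippet separators (##, #@#, #?#, #$#): no network options there.
COSMETIC_RE = re.compile(r"#[@?$]?#")

def rewrite_rules(list_text):
    """Return (line_number, rule, rewrite_target) for every rule using the rewrite option."""
    hits = []
    for n, raw in enumerate(list_text.splitlines(), 1):
        rule = raw.strip()
        if not rule or rule.startswith("!") or rule.startswith("["):
            continue  # blank line, comment, or "[Adblock Plus 2.0]" header
        if COSMETIC_RE.search(rule):
            continue
        m = OPTIONS_RE.search(rule)
        if not m:
            continue
        for opt in m.group(1).split(","):
            name, _, value = opt.partition("=")
            if name.lower() == "rewrite":
                hits.append((n, rule, value))
    return hits

def audit(subscriptions):
    """subscriptions: {list_url: list_text}. Flag non-HTTPS sources and rewrite rules."""
    report = {}
    for url, text in subscriptions.items():
        report[url] = {
            "insecure_transport": urlparse(url).scheme.lower() != "https",
            "rewrite_rules": rewrite_rules(text),
        }
    return report

# Constructed sample data (not real filter lists).
SAMPLE = {
    "http://lists.example/ads.txt": "[Adblock Plus 2.0]\n! Title: constructed\n"
        "||ads.example^$third-party\n"
        "||cdn.example/lib.js$script,rewrite=/placeholder,domain=site.example\n"
        "site.example##.banner\n",
    "https://lists.example/clean.txt": "! constructed\n||tracker.example^$image,~third-party\n",
}

if __name__ == "__main__":
    for url, result in audit(SAMPLE).items():
        print(url, result)
```

Any rule it reports deserves manual review, and a list flagged for insecure transport could be altered in transit before the extension parses it.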



Abeerah Hashim
