Jump to content

Malversting and adblocks


peteyt
 Share

Recommended Posts

  • Most Valued Members

I'm writing a kind of security guide and looking into antivirus/basic security. I know a friend of mine used to avoid using any antivirus and just stuck to safe sites, using adblockers to avoid possible malware hidden in adverts. However I never liked that, always thought it was putting too much trust in something. So I am wondering if it is actually possible for these types of malware to bypass adblockers?

Thanks

Link to comment
Share on other sites

  • Most Valued Members

Well adblockers work by using "lists" of known ad sites and don't employ anything clever in the way of detection/blocking.



 

Link to comment
Share on other sites

UBlock Origin is probably the most extensive one with a lot of customization features: https://github.com/gorhill/uBlock

Works with FireFox, Chrome, and Edge. Not available for IE.

However, your friend "is kidding himself" if he sincerely believes this type of protection alone is sufficient.

Link to comment
Share on other sites

  • Most Valued Members
14 hours ago, itman said:

UBlock Origin is probably the most extensive one with a lot of customization features: https://github.com/gorhill/uBlock

Works with FireFox, Chrome, and Edge. Not available for IE.

However, your friend "is kidding himself" if he sincerely believes this type of protection alone is sufficient.

Actually just found this https://securityintelligence.com/news/malvertising-scheme-bypasses-ad-blockers/ 

 

Quote

Attackers are performing redirections using dynamically created scripts to subvert ad blockers, according to the report. The script gets its data from a different URL every day, which makes URL blocking difficult. Users of Adblock Plus, uBlock Origin and AdGuard have reported malvertising getting through the blockers, the researchers said.

 

Link to comment
Share on other sites

  • Administrators

It's important to realize that even with the best ad blocker users won't be 100% safe. For instance, popular websites may get compromised at times and may serve malware, either as iframe, script, external script or the attacker will replace otherwise perfectly legit app like a remote admin tool, torrent client, etc. with a trojanized one which also contains malware besides the legitimate application.

Link to comment
Share on other sites

Isn't relying on adblock for safety similar to relying on some AVs which purely based on hash/fuzzy-hash blacklisting?

Besides, simple anti-adblock tricks and some social engineering can easily bypass this, if the user is not "cautious enough"

Edited by 0xDEADBEEF
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...