Jump to content

Recommended Posts

  • Most Valued Members
Posted

I'm writing a kind of security guide and looking into antivirus/basic security. I know a friend of mine used to avoid using any antivirus and just stuck to safe sites, using adblockers to avoid possible malware hidden in adverts. However I never liked that, always thought it was putting too much trust in something. So I am wondering if it is actually possible for these types of malware to bypass adblockers?

Thanks

  • Most Valued Members
Posted

Well adblockers work by using "lists" of known ad sites and don't employ anything clever in the way of detection/blocking.



 

Posted

UBlock Origin is probably the most extensive one with a lot of customization features: https://github.com/gorhill/uBlock

Works with FireFox, Chrome, and Edge. Not available for IE.

However, your friend "is kidding himself" if he sincerely believes this type of protection alone is sufficient.

  • Most Valued Members
Posted
14 hours ago, itman said:

UBlock Origin is probably the most extensive one with a lot of customization features: https://github.com/gorhill/uBlock

Works with FireFox, Chrome, and Edge. Not available for IE.

However, your friend "is kidding himself" if he sincerely believes this type of protection alone is sufficient.

Actually just found this https://securityintelligence.com/news/malvertising-scheme-bypasses-ad-blockers/ 

 

Quote

Attackers are performing redirections using dynamically created scripts to subvert ad blockers, according to the report. The script gets its data from a different URL every day, which makes URL blocking difficult. Users of Adblock Plus, uBlock Origin and AdGuard have reported malvertising getting through the blockers, the researchers said.

 

  • Administrators
Posted

It's important to realize that even with the best ad blocker users won't be 100% safe. For instance, popular websites may get compromised at times and may serve malware, either as iframe, script, external script or the attacker will replace otherwise perfectly legit app like a remote admin tool, torrent client, etc. with a trojanized one which also contains malware besides the legitimate application.

Posted (edited)

Isn't relying on adblock for safety similar to relying on some AVs which purely based on hash/fuzzy-hash blacklisting?

Besides, simple anti-adblock tricks and some social engineering can easily bypass this, if the user is not "cautious enough"

Edited by 0xDEADBEEF
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...