Security News Chrome and Firefox Headless Modes May Spur New Adware & Clickfraud Tactics

[LASER_oneXM]

.....some quotes from the article above:

Headless mode is ripe for abuse by malware devs
While this feature sounds very useful for developers and very uninteresting for day-to-day users, it is excellent news for malware authors, and especially for the ones dabbling with adware.

In the future, adware or clickfraud bots could boot-up Chrome or Firefox in headless mode (no visible GUI), load pages, and click on ads without the user's knowledge. The adware won't need to include or download any extra tools and could use locally installed software to perform most of its malicious actions.

A new challenge for antivirus makers
"This may make it easier for them, and harder to detect on the local machine," Grooten told Bleeping Computer today.

His opinion is shared by fellow security researcher Bart Parys. "I do think adware creators will jump on the bandwagon, under the premise that it's worth the cost," Parys told Bleeping Computer in a private conversation.

Antivirus software makers will need to adapt along with Chrome and Firefox if they want to prevent users' computers from being hijacked and abused behind their owners' backs. Security products that come with support for behavioral analysis are most likely in a better position to detect this new types of adware attacks.

Headless mode supported in Chrome 59, Firefox 56
The first to add support for a headless mode was Google, in Chrome 59, released earlier this month. According to this Mozilla bug report, Mozilla will add a similar headless mode in Firefox 56, set for release next month.
.....
.....
Regular users won't notice anything since the addition of headless mode doesn't change anything in how both Chrome and Firefox look or behave in standard mode.