Google Chrome to Block Drive-By-Downloads from Ad Frames

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
Google is planning to add automated prevention of all downloads initiated from within ad frames which lack user activation, as part of an effort to boost the security of Chrome users by blocking possibly malicious drive-by-downloads.

As previously reported when Google was thinking of introducing this feature for downloads originating from website iframes, drive-by-downloads are a technique used by attackers to drop malware payloads on their victims' computers from compromised websites, with or without user interaction.

This time, Chromium project's Yao Xiao drafted up plans to prevent downloads in ad frames without user activation, and published the new feature's design and core principle considerations details within a public design document aptly titled "Preventing Drive-By-Downloads in Ad Frames."

Ad frames are iframes "marked as ad by the Chromium ad detection infrastructure AdTagging," Google's ad detection infrastructure which matches "resource requests against a filter list" and tags the frames that get a match as ads.

As detailed by Xiao, the automatic blocking of downloads originating from ad frames will be available on all six Blink platforms (i.e., Windows, Mac, Linux, Chrome OS, Android, and Android WebView), the only exception being iOS where Chrome uses iOS WebKit, Apple's mobile rendering engine and components.

Xiao also says in his feature design that "The only kinds of downloads that can occur without a user gesture are navigations and simulated clicks on links. Therefore, our intervention will block such downloads if they occur without a user gesture."
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top