Security News Unstoppable JavaScript Attack Helps Ad Fraud, Tech Support Scams, 0-Day Attacks

Solarquest

Argentinian security expert Manuel Caballero has published new research that shows how a website owner could show a constant stream of popups, even after the user has left his site, or even worse, execute his very own persistent JavaScript code while the user is on other domains.

There are multiple issues and attack scenarios that Caballero discovered, but fortunately, they only affect Internet Explorer 11, but not Edge, or browsers from other vendors.

The bad news is that, according to NetMarketShare, IE11 is the second ranked browser version, with a market share of 10.46%, right behind Chrome 55, with 37.27%, meaning it still accounts for a large portion of the online userbase, despite its advanced age.

The undying IE popups
In a blog post published yesterday, Caballero demonstrated how a developer could create popups that persist in the browser, even after the user has left the page where the popup's code was loaded, either by clicking a link or entering a new URL in the browser's address bar.

According to the veteran security researcher, there's no limit on how many popups a malicious website owner could show users after they left his site.

The only way users can stop the popups is to close the tab and open a new one. Navigating away from the malicious page in a new tab also prevents the popups from showing up.

Never-ending popups could be used in tech support scams

More in the link above
 

_CyberGhosT_

This is "one" example of why I choose to run AdGuard.
As things progress IE won't be the only target of behavior
like this, to me it seems IE is just the testing grounds.
All you adblock haters have a rough future ahead of you
imho. ;)
Cool share Solar
 

Arequire

I'd like to think that as malvertising continues to gain traction, more and more people will adopt adblocking. Less as an "ads are so annoying" thing and more as a security supplement. I'm not sure where that leaves the internet at large though, being funded mostly by ads and such.
 

soccer97

I also use Adguard which helps mitigate some of this. I also uncheck Enable Automatic Crash Recovery - so that IE doesn't re-open after it crashes, re-exposing you to a potentially malicious site that crashed it in the first place, in addition to using Enhanced Protected Mode.

Although it may not help in this particular JS exploitation - make sure your Pop-up blockers are enabled.

Avoid IE when possible to lower your risk of exposure to malware. It is one of the more targeted browsers. That's IMHO.

The above options can be found in Internet Options > Advanced. I also disable Flash and any unneeded add-ons manually myself.
 
