Adblock for YouTube Extension Exposes 11 Million Users to JavaScript Injection Risks

The Adblock for YouTube Chrome extension, with over 11 million installs, has been found to contain dormant JavaScript injection capabilities that could be activated by a single server-side change. This vulnerability allows unauthorized code execution without user knowledge, potentially compromising sensitive data across various sites. The extension's permissions enable it to inspect requests and manipulate page content, posing a significant risk to users, including those in enterprise environments. No malicious payloads have been observed yet, but the potential for exploitation remains high. The extension has been in the Chrome Web Store since 2014 and has a history of ownership changes and malware removals. Security researchers recommend caution when using extensions with broad permissions.

Key Points: • Adblock for YouTube has dormant JavaScript injection capabilities that can be activated remotely. • Over 11 million users are potentially at risk due to the extension's broad permissions. • No malicious activity has been observed yet, but the risk of data theft is significant.