A privacy violating web exploit is being abused by a number of popular sites, it has emerged.
According to the BBC, the bug exploits the way that a web browser keeps track of links a user has already visited. The browser colours these links differently to indicate they've already been clicked.
This allows a purpose-built piece of code to interrogate the browser, effectively running a list of sites by it, and picking up on those which are marked for colouring. The exploit then has a record of sites you've visited, and can use this information to target adverts, or for other nefarious purposes.
A team at the University of San Diego ran tests on around 50,000 popular sites to see how many were using this flaw. 485 were, just under 1%, with many adult sites such as YouPorn being guilty of the practice.
The good news for Chrome and Safari users is that they aren't vulnerable to this issue, and neither are Firefox browsers providing they're updated to the latest version. Internet Explorer users, however, must turn on "private browsing" to immunise themselves to web history hijacking.
Return to security news headlines
View Security News Archive