1187 words, 3 graphics, 6 subheadings, 8 highlighted content sections, a bulletpoint list... and all to say "An ad with a malicious script was used to ddos a website. We don't know how it happened, but please use our service!".
Welcome to the wonderful world of content marketing.
In modern browsers, `[1,]` is the same as `[1]`. If you coerce it to number, you get 1. (You get "1" if you toString it.)
In IE8, `[1,]` is the same as creating an array with a length of 2 whose first slot contains 1 and whose second slot was left empty. It's kinda like `[1, undefined]`, but there is no "1" key. If you coerce it to number, you get NaN. (You get "1," if you toString it.)
If you coerce 1 to boolean and negate it, you get false.
If you coerce NaN to boolean and negate it, you get true.
So, basically, it just checks if trailing commas in array literals are handled incorrectly.
Interesting explanation. When I last checked that the "!+[1,]" expression alone was coherent across all the browser but "if(!+[1,])" statement was not.
I think there is something weird about the parsing of the comma in "if" statement in old IE.
Anyone else read it as "Mobile Ad Blockers"? I came here curious to see how ad blockers could be used as DDOS vectors. Well, I guess theoretically, it might be possible to overwhelm a device with a page which has too many elements to block, causing the ad blocker to consume a lot of resources.
Another thing to consider, it might not have been an ad network but rather something like xcodeghost. Some of the most popular Chinese apps were compromised.
I dont understand how is it possible that browser would allow crossdomain request from attacker website to victim website? Unless victim has some CORS headers allowing all sites to query it?
Welcome to the wonderful world of content marketing.