Hackers pollute legitimate JavaScript code to spread malware
Posted on 13.02.2013
Most hackers have stopped creating malicious sites long ago and have reverted to hacking legitimate ones and booby-trapping them with exploit kits, malware or malicious scripts. After all, these sites already have their own visitors, and have already been listed and approved by search engines.

According to Sophos researchers, the latest trend among hackers is to inject malicious code into legitimate JavaScript already present on the compromised websites.

"The JavaScript is automatically loaded by the HTML webpages and inherits the reputation of the main site and the legitimate JavaScript," they point out the benefit of this approach, noting that it has the added advantage of the detection occasionally being discarded as a false positive.

They discovered a wide variety of sites across the globe sporting examples of this malicious code, and the best part it is that the code is easily spotted if a knowledgeable human (as opposed to a malware analysis system) manually checks the site's source code. The problem is that not many do.

If you're not your site's web developer, it's important to choose a good hosting provider, the researchers point out. Not only will they keep all the software and the (JavaScript) libraries updated, but they will also fulfill the obligation of checking the site periodically for compromises.









Spotlight

New Zeus variant targets users of 150 banks

Posted on 19 December 2014.  |  A new variant of the infamous Zeus banking and information-stealing Trojan has been created to target the users of over 150 different banks and 20 payment systems in 15 countries, including the UK, the US, Russia, Spain and Japan.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Mon, Dec 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //