Hiding Code into JavaScript

Monday, February 18, 2013 @ 06:02 PM gHale


Cyber criminals are using a smart way to hide their pieces of malware on legitimate websites. They’re injecting their malware into JavaScript code hosted on the site.

The malicious code inherits the reputation of the legitimate JavaScript and the main website . Even if security solutions identify the threat, the detection might appear as a false positive, said researchers at Sophos.

RELATED STORIES
Adobe Mitigation Plan for Zero Day
Trojan a Work of ‘Poetry’
Ransomware Encrypts Data
Ransomware Uses Java Zero Day

Such techniques have worked to plant the Troj/iframe-JG Trojan on various legitimate websites , including the ones of a primary school from England, a London nightclub, an East African TV company, Italian community sites, and a U.S. trade association of financial advisors.

The website of headphone manufacturer Fanny Wang also suffered infection with the malware, but the company has failed to respond to the security firm’s notifications.

None of the other notified companies responded to SophosLabs, so the experts haven’t been able to determine how the code entered the system, but the hackers may have abused the fact that some of the sites are using outdated software.



Leave a Reply

You must be logged in to post a comment.