AJAX Delivering Malware

by Mike Y
Security researchers found that malware was being separated into different chunks to get through firewalls and stay undetected by antivirus programs. The researchers  from Web filtering vendor M86 Security said “the attack was observed on a currently running server located in China, which is serving malware.” Because the malware is in chunks of code, antivirus software and firewalls have a hard time detecting signatures of malware. AJAX is used to “write generic attack pages which looks benign,” but when the pieces of code are assembled, and when the dynamic content is loaded is when it become malicious. This is when antivirus software can detect virus signatures, but is not foolproof.

This is relevant to client-side topics because AJAX is used to enhance the user web experience. Although it makes the web dynamic for increased user enjoyment, it also provides more opportunities for malicious hackers. The more complex something is, the harder it is for developers to cover every single vulnerability that may exist. The malicious hackers will exploit every security hole there is in order to accomplish their goals, whether it is to steal information or spread viruses.

There are many threats to the computers people use every day, which is why I disable scripts when I browse the internet and only allow sites I trust. Even legitimate site can be hacked to distribute malware without the user knowing that the site has been compromised. While improving the user experience is the general goal of websites, the users themselves should be wary of the site they use.


Constantin, L. (2012, Janu 5). Fragmented ajax-based web exploitation attacks detected in the wild. PCWorld, Retrieved from http://www.pcworld.com/businesscenter/article/247332/fragmented_ajaxbased_web_exploitation_attacks_detected_in_the_wild.html