AJAX Web Attacks, Futility of Anti-Virus{1}

AJAX is an acronym for Asynchronous Javascript and XML.  It is a technology meant to combine various other web development technologies such as HTML and CSS in order to give greater options to developers.  This week in class, we introduced the concepts of Javascript and AJAX and are implementing them in project 2.  For that reason, I decided to report on an article this week I found in PCWorld magazine warning of the dangers associated with AJAX websites.  Like with most technologies, hackers have found ways to inject AJAX with malicious code in order to exploit backdoor vulnerabilities.  In recent cases, security experts have discovered a server in China that injects normal websites that contain AJAX code with malicious javascript code.  The point in performing the attack in this manner is so the malicious code will be disguised with typical AJAX code found on any website containing AJAX.  In attempts to further hide the malicious code, the AJAX attack disrupts the workload of a host PC as it interacts with scripts in the website.  Malicious Code is segmented into pieces and is reassembled before being executed by the client.

What I found interesting about this article is that AJAX, something that we just learned about in class, can be used maliciously in the real world.  It drives home a point that I have always believed in regards to antivirus software, it just isn’t worth the cost.  The code’s ability to interfere with the workload and be downloaded in pieces and then reassemble itself makes it undetectable to antivirus.  It is only after it is executed that it can be detected, and only if a definition exists.  If one is just careful and is aware of the threats out there, they can always avoid and fix problems such as these.  Antivirus software is sometimes useful, but no matter how advanced, there are always ways for viruses to bypass a client’s defenses.



Constantin, Lucian (Jan 5, 2012). PCWorld.  Fragmented AJAX-based Web Exploitation Attacks Detected in the Wild. Retrieved from http://www.pcworld.com/businesscenter/article/247332/fragmented_ajaxbased_web_exploitation_attacks_detected_in_the_wild.html on April 29, 2012