Malware in JavaScript?

by Quoc L
In this age of mobile connectivity, hacker and exploiter is always looking for new technique in hide their malicious programs. ESET senior researcher have found a new malware exploit using JavaScript. These malware are hidden within the JavaScript OnMouseMove Event code. When  guest visit the compromised site and used their mouse, the malware will instantly active. The malware  avoid detection from security web crawler by reminding deactivate whenever there no mouse movement. Another technique that hacker use it by place snippet of code within a applet, which will later decode the applet and install the malicious software into your computer.

It feel this is important to share to the class as we are learn more about JavaScript. For every use of new technology there always going to be a misuses of it. While JavaScript might potentially help us create a better and more efficient website, there lurker the danger of it been hijack.

I find these article interesting as it seem like every other weeks there some new techniques in hiding malware and virus on the web. Learning about all the function is essential but know how to protect its is equal as important. If certain protocols isn’t keeps, your site might lead to potentials legal problem in the future.

Rubenking, N. (2012, April 14). Pc mag. Retrieved from http://securitywatch.pcmag.com/hacking/296639-nuclear-pack-exploit-kit-infects-users-hides-from-researchers

3 thoughts on “Malware in JavaScript?

  • April 29, 2012 at 9:30 pm
    Permalink

    Very nice summary of the article! Hopefully software companies will come out a fix for this security issue soon. But as with any other new technoloies out there, there be always be flaws with it, the only question is that will the pro overweight the con? JavaScript seems to offer a lot of benefits for websites, and it also creates new security concerns. It seems to me in the case of JavaScript, the con is outweighing the pro at the moment.

  • April 29, 2012 at 9:37 pm
    Permalink

    It just goes to show you how technology can be used in malicious manner. Hackers are always looking for new exploits and holes to intentionally unload harmful code onto your computer. With the way technology is changing, there will always be new ways for them to gain access to your computer.

  • April 30, 2012 at 12:01 am
    Permalink

    Very interesting article, I personally don’t trust javascript all that much because I knew that there are many ways for people to use it to attack your system. Good thing there is NoScript for Firefox, it allows me to forbid any scripts from running on the site the I am currently visiting unless I manually allow it.

Comments are closed.