Cunning JavaScript
Thursday, September 15, 2016
Itâs quite common to hear about bank webpages being modified by malware and certain resources (e.g., antivirus-related ones) being at risk of becoming blocked. How difficult is it for cybercriminals to perform such maneuvers? Letâs take a look.
JavaScript, a specialised programming language, comes to the rescue of criminals. It allows some code to be executed on the user side—i.e., not on the server side, from which website page content is downloaded.
JavaScript can help execute actions during certain events—for example, when a webpage is loading completely, or when a user clicks on a page element (a button, link, etc.). In addition, JavaScript can be used to identify the browser in use. As a result, the user views pages that are optimised specifically for his/her browser.
Moreover, JavaScript can be used to save and upload information from a computer, including critically important information.
So, if we visit a website, some programs are downloaded onto our computer (as text scripts with very simple syntax), and a cybercriminal can modify those programs as they see fit.
After filling out all the forms, the âSendâ button wouldnât work. It turned out that the JavaScript code placed on the webpage blocks the button 24/7 except for Mondays through Thursdays from 9:00 to 17:00, and Fridays from 10:00 to 18:00.
The researcher recommends that users simply disable JavaScript in order to bypass this limitation.
The Anti-virus Times recommends
Unfortunately, no solution exists that can help determine whether what we see displayed on website pages is exactly what the site owner wants us to see. Alas, a website can be modified on the developer side (as a result of hacking, the presence of a vulnerability in the website’s engine, or due to a trivial leak of the passwords used to access it), as well as on the user side. Banking Trojans and phishers especially like to modify website pages. To minimise the risk, it is essential that you use anti-virus software that doesn’t allow malware to penetrate your computer.
Dr.Web ShellGuard technology is an effective security tool for preventing website pages from being modified. It tracks attempts made to embed malicious code (exploits) in a browser’s running process and prevents malware or phishing modifications.
Learn more about this technology on the page Technologies for analysing behaviour and terminating malicious processes—Dr.Web ShellGuard.
Modern browsers let you disable JavaScript for all websites or (using special plugins) just some of them.
Important! Disabling JavaScript may cause some websites to fail, so use this feature carefully.
As an example, let’s consider the option to disable JavaScript for Mozilla Firefox. Unfortunately, in the latest versions the option to disable JavaScript has been removed from the browser’s settings page, so you need to take a more circuitous route:
- In the browser’s address bar, enter the command about:config.
- In the newly appeared window, click on “I’ll be careful; I promise!”.
- In the search box, enter javascript.enabled.
- Left-click on the Status column; select “Switch”; and in the column “Value”, change “false” to “true”.
- Reload the current browser page.
Tell us what you think
To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.
Comments
vasvet
12:36:52 2018-07-15