JavaScript, the ubiquitous scripting language used across Web applications worldwide, is becoming a key ingredient in phishing campaigns looking to plant malicious code on victims' computers, new research shows.
Phishing attacks using JavaScript obfuscation techniques rose more than 70% from November 2019 through August 2020, according to Akamai lead researcher Or Katz.
Katz says that the reason for the rise in this attack technique is simple. "The fact that JavaScript is a scripting language that runs on the client side gives [attackers] the ability to create content, but only once that content is rendered on the browser of the potential victims, will the actual page be rendered and be presented to the victim," Katz says. "Only at that point in time will you see the actual phishing website asking for credentials or other personal information."
In the first of a series of blog posts on his research, he said "content escaping," while not a sophisticated obfuscation technique, is effective at hiding - or obfuscating - the malicious content of a message. It is also far more commonly used on malicious websites than in phishing or scam email messages. It's the technique's growing use in email that caught Katz's attention.
JavaScript has been used in fairly simple obfuscation techniques, but the obfuscation is becoming more sophisticated, he found. Take XOR decryption, which he's seeing in more and more campaigns. XOR (exclusive-or) is a technique taken from cryptography that makes contents smaller while creating a block of text that is unique for each message. The ..
Support the originator by clicking the read the rest link below.
