Javascript code 'penetrates' all browsers that are revealed
Malware programmed in Javascript language has the ability to turn the web browser into a hacker tool that has leaked and released to the Internet.
This is the work of researcher Billy Hoffman currently working for security firm Spy Dynamics to prove the dangers of Javascript malware types at the Shmoocon hacker conference last March 24.
Accordingly, Hoffman has found a solution to use Javascript to scan web security vulnerabilities. Javascript is a type of web programming language that can operate on any kind of browser. That's why Hoffman's attack technique can overcome any security solution.
Security experts were very concerned about Hoffman's Javascript code that could be used for malicious purposes if disclosed. Spy Dynamics researcher is committed to protecting and not letting the source code be disclosed.
But contrary to those commitments, Hoffman has posted his "invention" on several websites. This is the "leak pipe" that caused Hoffman's Javascript code to be "caught" and spread across the Internet.
That's exactly how Mike Schroll of Security Management Partners gathered a copy of Hoffman's malicious Javascript code.
Then just one day after Hoffman Schroll's speech published that Javascript code on his official website. But a few hours later Schroll gave up on Hoffman's request.
Schroll decided to post Hoffman's Javascript code on his website in order to demonstrate the maliciousness of Javascript and wished security experts to help find a solution against it.
Jitko software has been downloaded more than 100 times from Schroll's website. By the end of the week, the Jitko code starts appearing on the Sla.ckers.org forum page.
Now that Jitko has appeared on the Internet, the concern about this JavaScript code being used for the wrong purpose is more apparent than ever. Security experts fear that this Javascript will be used by hackers to scan web security and steal user information or to build their own botnet system.
Hoffman expressed his pity for leaking Jitko and said hackers could completely develop another Javscript code that functions similar to his but serves the hacker's dark purpose.
- The first Web 2.0 security flaw was revealed
- Google fixes the vulnerability in Gmail service
- JavaScript - Extremely dangerous attack tool
- Firefox and Safari allow password security
- The Windows error code appears
- Little interesting things about QR codes
- Moore revealed the new Apple Wi-Fi error attack code
- All three of the most popular browsers have vulnerabilities
- Better browsing with Avant Browser
- Many web browsers have security flaws
- Save the code subconsciously
- NASA lost the computer containing the ISS control code