Saturday, January 25, 2025
HomeCyber AttackAlmost 25% of Weaponized JavaScript Samples are Obfuscated To Evade Detection

Almost 25% of Weaponized JavaScript Samples are Obfuscated To Evade Detection

Published on

SIEM as a Service

Follow Us on Google News

After analyzing more than 10,000 malicious JavaScript samples it’s being concluded by the security analysts of Akamai that about 25% of the examined malicious samples evade detection by using JavaScript obfuscation techniques.

These 10,000 malicious JavaScript samples cover threats like:-

  • Malware droppers
  • Phishing pages
  • Scammers
  • Cryptominers’ malware

This immense portion clearly indicates that how rapidly threat actors are adopting obfuscation techniques to evade detection. But, for malicious purposes, JavaScript obfuscation is not solely used always.

While Alexa.com has revealed that among 20,000 top-ranked websites there are 0.5% of websites, that contain embedded, obfuscated JavaScript code. But, it doesn’t mean that all these websites are malicious since they use this to keep their web code private from the public.

Packers

When it comes to packers, at that point it’s all about compressing or encrypting code. In short, it’s a method through which the developers compress or encrypt their code to make it unreadable or non-debuggable.

Packers have unique functionality that will be soon presented at the SecTor 2021 conference, by using this feature anyone can detect JavaScript before it’s being obfuscated.

It means if any JavaScript code serves threats such as phishing, malware droppers, or scammers then it could be easily detected by using the unique functionality of Packers.

In the above image, you can see examples in which how the same unique packer functionality is used to detect and obfuscate any malicious JavaScript code.

According to the report, While in the case of 20000 tp-ranked websites, this scenario totally change, since it depicts a different story, as they use obfuscation for legitimate purposes like:-

  • To hide some of their client-side code functionality.
  • Code that was obfuscated by a third-party provider.
  • The obfuscation of sensitive information like email addresses.

In the current era of the threat landscape, the availability of limited resources, and every millisecond counts, perform a critical role. Since there are always ongoing wars between cybercriminals and defensive forces.

Now why it’s getting complicated? It’s getting complicated due to the use of obfuscation for legitimate purposes, and this means that it can’t be always flagged as malicious. 

Though it’s not considered a new technique, the use of JavaScript obfuscation clearly shows that how rapidly threat actors are still adopting this method to evade detection.

In this case, we always have to keep our eyes open and stay aware of such malicious techniques or methods used by the threat actors by monitoring the trends and evaluating the evolution of these types of malicious techniques or methods that are exploited in the wild by the attackers.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

CISA Releases Six ICS Advisories Details Security Issues

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS)...

Juniper Routers Exploited via Magic Packet Vulnerability to Deploy Custom Backdoor

A sophisticated cyber campaign dubbed "J-magic" has been discovered targeting enterprise-grade Juniper routers with...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

More like this

Subaru’s STARLINK Connected Car’s Vulnerability Let Attackers Gain Restricted Access

In a groundbreaking discovery on November 20, 2024, cybersecurity researchers Shubham Shah and a...

Android Kiosk Tablets Vulnerability Let Attackers Control AC & Lights

A security flaw found in Android-based kiosk tablets at luxury hotels has exposed a...

Beware of Fake Captcha Verifications Spreading Lumma Malware

In January, Netskope Threat Labs uncovered a sophisticated global malware campaign leveraging fake CAPTCHA...