Security experts have recently issued a warning about a method of “embedding” dangerous JavaScript codes on websites utilized by online scammers and hackers.
Dan Hubbard, the director of research and security at Websense, reported that in the past few weeks, a “new generation” of JavaScript code known as JS/Wonka has been spreading rapidly, especially since the end of September. Currently, around 10,000 websites are using the same method to embed this type of JavaScript code.
This reality compels us to recognize that hackers and online criminals are attempting to conceal dangerous JavaScript codes. They want internet users and even website administrators to be unable to see such scripts.
JS/Wonka functions by converting characters into Unicode values. Typically, JavaScript performs this task automatically, making the implementation of this method quite easy and requiring minimal skills.
JavaScript codes are often hidden within IFRAMEs defined with a zero value to avoid prying eyes. Meanwhile, Internet Explorer has several IFRAME vulnerabilities that remain unpatched, making it a tool for hackers to exploit.
However, Internet Explorer is not the only browser targeted by JS/Wonka; other browsers, such as Firefox, also suffer from similar vulnerabilities.
Approximately half of the 10,000 websites with embedded JS/Wonka identified by Websense are either websites that have been compromised by hackers or dangerous sites specifically designed to distribute malware or spyware.
HVD – (Techweb)
