Ajax Based Worms
With the number of developments made in Ajax, you would expect the technology to be effective not only for personal use but also in enterprises. Tools and frameworks are already being updated to accommodate Ajax.
Programmers and the internet community have largely acknowledged the idea that Ajax will become the next accepted platform for development. Many are trying to get their hands on it as demand increases. And that is before we even look at mobile technology, where Ajax could bloom to its full potential.
However, everyone may have missed something in the development of Ajax. It seemed to be a perfect world where Ajax could run in any program, platform and browser. Amid the development and the hype, everyone did what they liked to do but didn't address one of the most important things in the internet world: security.
Ajax is very vulnerable to attacks because internet security scanners can't identify any flaw when a website is Ajax based. All they see is a combination of XML, HTML and JavaScript code. Each piece has to be scanned manually, which takes virtually forever to analyze. Seeing that web scanners were unable to identify the security threat, hackers exploited this weakness.
For now, attacking Ajax-based programs seems a little too early because few sites feature the technology. So the hackers turned it the other way around. Since Ajax can't be scanned, why not make a worm that's Ajax based? An attack written in Ajax could crawl into any program and website without being monitored or flagged as a security threat. And our fear of this kind of attack was realized before we knew it.
A super worm (take note of the word SUPER) that's completely Ajax based was detected. If you're wondering how it could crawl, that's easy. The worm aims to attack Web 2.0 sites: websites that rely on user-generated content. Since the content on these sites is user generated, hackers are free to upload anything they want. They can post anything without the system flagging it as dangerous content.
The Ajax-based worm uses cross-site scripting (better known as XSS) to attack other programs. Since it can be redistributed to other websites, the worm naturally spreads to other programs. Once a website is infected with the worm, it monitors the IP of the user and, from there, attacks the user, making his personal profile and internet activity available to a hacker.
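The weakness described above, user-generated content reaching other visitors' browsers unchecked, shown as an added example that is not part of the original article: the same stored comment rendered by plain concatenation and with HTML output encoding, plus a coarse submission-time flag. All function names and the sample posts are hypothetical and constructed for illustration.

```javascript
// Characters that let text break out of an HTML text or attribute context.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable: stored fields are concatenated into markup as-is, so any tags
// a user submitted become part of the page served to every visitor.
function renderCommentUnsafe(comment) {
  return `<li class="comment"><b>${comment.author}</b>: ${comment.body}</li>`;
}

// Hardened: every user-controlled field is encoded at output time, so
// submitted markup is displayed as text instead of being interpreted.
function renderCommentSafe(comment) {
  return `<li class="comment"><b>${escapeHtml(comment.author)}</b>: ${escapeHtml(comment.body)}</li>`;
}

// Coarse submission-time check: flags script-capable markup so a post can be
// held for review. It can misfire on innocent text and is not a substitute
// for output encoding.
function flagsActiveContent(text) {
  return /<\s*(script|iframe|object|embed)\b|\bon\w+\s*=|javascript\s*:/i.test(String(text));
}

// Returns the posts whose author or body field trips the check.
function heldForReview(posts) {
  return posts.filter((p) => flagsActiveContent(p.author) || flagsActiveContent(p.body));
}

// Constructed sample posts (inert; example.invalid never resolves).
const samplePosts = [
  { author: 'alice', body: 'Nice article on Ajax & XML!' },
  { author: 'mallory', body: '<script src="//example.invalid/x.js"></script>' },
  { author: 'bob"><img src=x onerror=1>', body: 'hi' },
];

for (const post of samplePosts) {
  console.log('unsafe:', renderCommentUnsafe(post));
  console.log('safe:  ', renderCommentSafe(post));
}
console.log('held for review:', heldForReview(samplePosts).length);
```

The encoded output is what protects visitors; the flag only helps moderators notice suspicious submissions.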
The process could be very complicated to write, but once implemented it's very effective and very fast. Internet companies are already aware of this and may be creating counter-measures to prevent it. They may be able to create a counter-attack, but the fact remains that a virtually undetected program can already be created. At the same time that we see the positive things Ajax can do for our sites, we also see its dark side.
