JavaScript Malware

Thousands of malware are created to infiltrate our computers and we have always found a way of defeating such malwares. They often attack the operating system and destroy files and applications which would eventually disable the computer.

With the help of proper anti-virus and anti-spyware, you will be able to prevent this type of attacks on your computer. The mere fact that you are reading them today would mean that you have been covered against popular viruses, malwares and spywares.

However, do not be too comfortable as a new JavaScript malware that have been going around destroying computers without warning. It is practically found in some Ajax based websites posing as legitimate website which actually contains a JavaScript malware that could infiltrate your system. It could shutdown your computer permanently without warning.

How it Works?

We all know that malwares use the operating system as a platform. In fact, addressing an attack of a virus could be cured by simply transferring from one OS to another. But that thought may no longer be possible with the onslaught of JavaScript.

Implemented since 1995, JavaScript has become the vehicle for the next step in developing an application because of its ability to be implemented in any browser without the need of additional plug-in. You can virtually build a machine that could run in a browser.

Since JavaScript could build virtual machines within a browser, the browser becomes the virtual Operating System. That means it will never care if you are running a Mac, a PC or a Linux. As long as it could run a browser, it is vulnerable. That is maybe the scariest part since you cannot just switch to another OS to protect yourself from popular malware. By simple using the browser, you are practically opening your computer to different types of malwares.

The Bridge Attack

One of the common type of JavaScript malware attack is the bridge attack. The most popular browsers (IE and Mozilla), already have the tabbed function. This feature has enabled the bridge attack. The user may have a very important web based application while on the other tab lazily browsing through different websites.

If the user would end up with an interesting yet unknown Ajax based website, he or she may be accessing a website with a malware that could interact with the user while the JavaScript malware is running on the background interacting with the other tabbed website.

The longer it will stay on, it will eventually bridge into the computer system. If the user is connected through LAN, it may even be able to connect to the network when the website is left on.

The malware’s name is Jinx and it has already affected a few systems. But because we have identified it does not mean that is the end of it. As we speak, malware developers have found a very powerful and scare tool that may shut down our computer.

Ajax could be the next step in online technology and it is also the next step for a totally different and more powerful type of attack.