Hide back doors in JavaScript code with a new trick

A computer security researcher has shown how an attacker could sneak back doors into a JavaScript code which is apparently legitimate. It also does it without the victim, in addition to the text editors, being able to identify anything strange. It’s about hiding them through invisible characters. This logically can cause important security risks, even more so if they are not detected.

Invisible characters to sneak in malicious JavaScript code

Everything we cannot see becomes more dangerous. That is a reality. And we can also apply this to computer security. A clear example is what is known as fileless malware, which is basically malware that doesn’t actually use files. It is not as visible as a virus that comes with a program that we have installed could be.

In this case, these are invisible characters that can be used by cybercriminals and sneak into JavaScript code. This has been demonstrated by a cybersecurity team from the University of Cambridge. This type of attack has been referred to as a Trojan Source. It is capable of injecting vulnerabilities into the source code in such a way that a physical user, in addition to the text editor itself, could not see anything.

This method works with some of the most popular programming languages and used today. Attackers could use this strategy to carry out multiple attacks and put security at risk. It is mainly based on the bidirectional Unicode (Bidi) mechanism.

Security researcher Wolfgang Ettlinger has raised the possibility that a back door can be hidden via this method and that it is impossible to see it even with a thorough code review. In fact, it launched a proof of concept to show that this is possible. In his personal blog we can see the code that has a hidden back door.

The upshot of all this is the ability to sneak a backdoor into legitimate JavaScript code on paper. All this, moreover, in a hidden way without being seen even with a careful analysis.

Need to protect equipment

This type of threat, as well as any other of the “traditional” ones, forces users to protect equipment at all times and avoid risks. That is why from RedesZone we always advise having a good antivirus, such as Windows Defender, Avast, Bitdefender or any other that fulfills its functions well. But this alone is not enough.

Another essential point to be protected at all times is to have updated equipment. We must have the latest patches and updates to allow our systems to have the capacity to deal with potential threats and problems that appear.

But without a doubt the most important of all is the common sense. Avoiding making mistakes, such as downloading files that may be dangerous, browsing unofficial pages or opening emails without really knowing who is sending them, will be essential to be protected and prevent our computers from being in danger on the Internet.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *