Today's edition gives you an insight into the world of malicious scripts and shows how you can resist these scripts and protect yourself from them.
If we were to describe all of the malicious scripts our analysts have ever examined, this post would be the size of a textbook. You have probably already gathered that this is a very diverse, and therefore widespread, type of malware.
So What Is a Malicious Script?
In the broadest sense, a script is program code written in one of various interpreted languages. All scripts are executed with the help of an external program (an interpreter). In contrast to executable files, scripts are mostly text files and can be read by a human. It is almost impossible to restore the source code of a compiled file to its original form, while scripts always contain the source code. In principle, "bad" scripts are no different from "good" scripts.
Malicious scripts can be divided into two types:
1. Scripts that are embedded in the code of websites, are interpreted by the browser and carry out the actions specified by attackers.
2. Scripts designed to run on a user's computer. They are executed by operating system components and have access to APIs (file system, processes, etc.).
In the Internet context, the term "malicious scripts" most commonly refers to the first type. Such scripts are typically written in JavaScript and PHP. They sit in the code of compromised websites, where they try to mine cryptocurrency in the user's browser, display advertisements, and redirect to other websites that are often fraudulent and dangerous. Web scripts can also include PHP infectors that infect "good" scripts on the server side. Browser extensions can contain malicious code as well.
In theory, a website script could be used as an exploit, that is, data that a browser misinterprets in a way that gives an attacker access to the attacked system. However, such exploits have become less common today due to the sophistication of browsers, which restrict access to operating system functions. So it is unlikely that malicious code on a website could harm your computer. Nevertheless, the destructive functions mentioned are sufficient to make a user's life difficult. Advertising, scams, phishing, browser slowdowns, and even hacking of the website itself are all the result of web scripts. They are also cross-platform and very common: attackers use them en masse to infect websites and web servers.
But it's not just websites that are at risk. There is another type of malicious script, one that is run by operating system components. These scripts can be written in different scripting languages: JScript, VBS, PowerShell, Perl, Python, etc.
These scripts are far more dangerous because they access the API objects directly. Although scripts very rarely contain the core functionality themselves, they are often used either to initially load other malicious modules into infected systems or for intermediate or auxiliary operations. For example, Windows PowerShell scripts may contain exploits or utilities that enable penetration into the system or network. Although scripts are considered a cross-platform tool, some of them will only work on the intended operating systems, because certain system APIs are essential to their functioning. The aforementioned PowerShell as well as BAT and JScript scripts work on Windows, AppleScript is intended for macOS, and malware for Linux is often delivered as a bash script.
System scripts for operating systems are mostly distributed via email, shared on hacked and malicious websites, downloaded by other programs, or distributed via removable media and network resources.
In addition, almost all malicious scripts are obfuscated. This means that techniques other than traditional signature-based comparisons often have to be used for recognition.
To neutralize Windows system scripts, we apply machine learning algorithms embedded in the virus engine. This approach allows us to successfully detect malicious code regardless of its complexity, which would be impossible with signature-based analysis.
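An added illustration of the point about obfuscation and signatures, not code from this post or from the vendor's engine: a naive substring signature stops matching once a script's body is wrapped in an encoding step, while structural indicators still flag it. It uses hand-written heuristics rather than machine learning, and the sample scripts, names and thresholds (20 characters, 3.5 bits) are constructed assumptions.

```python
import base64
import math
import re
from collections import Counter

# Constructed, harmless samples (not taken from any real malware).
SIGNATURE = "Write-Output hello"                 # naive substring signature
PLAIN = 'Invoke-Expression "Write-Output hello"'
BENIGN = "Get-ChildItem -Path C:\\Logs | Sort-Object Length"
_blob = base64.b64encode(SIGNATURE.encode()).decode()
OBFUSCATED = (
    "$d=[Text.Encoding]::UTF8.GetString("
    f"[Convert]::FromBase64String('{_blob}'));Invoke-Expression $d"
)

DYNAMIC_EXEC = re.compile(r"(?i)\b(eval|iex|invoke-expression|execute)\b")
DECODERS = re.compile(r"(?i)frombase64string|fromcharcode|\bunescape\b|\batob\b")
ENCODED_RUN = re.compile(r"[A-Za-z0-9+/]{20,}={0,2}")  # assumed minimum length


def signature_match(text: str) -> bool:
    """Classic signature check: the exact pattern must be present."""
    return SIGNATURE in text


def entropy(s: str) -> float:
    """Shannon entropy in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


def obfuscation_findings(text: str) -> list:
    """Structural indicators that survive re-encoding of the script body."""
    findings = []
    if DYNAMIC_EXEC.search(text) and DECODERS.search(text):
        findings.append("decoder output reaches dynamic execution")
    if any(entropy(run) > 3.5 for run in ENCODED_RUN.findall(text)):
        findings.append("long high-entropy encoded literal")
    return findings


if __name__ == "__main__":
    for name, script in (("plain", PLAIN), ("obfuscated", OBFUSCATED),
                         ("benign", BENIGN)):
        print(name, signature_match(script), obfuscation_findings(script))
```

Heuristics like these produce false positives on legitimate scripts that embed encoded data, so their output is better treated as a triage signal than as a verdict.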
Bottom line: Scripts can carry a wide variety of malicious payloads: exploits, miners, utilities, adware Trojans, and even encryption ransomware. Reliable protection must be used against these.
To protect your computer and your data, we recommend the following:
1. Use the all-round protection Protegent Antivirus, which includes signature, heuristic and machine learning technologies, web traffic control, anti-spam and regularly updated databases of unsolicited and dangerous websites.
2. Keep the settings recommended by the software developer.
3. Don't ignore security warnings from antivirus apps, browsers, search engines, and operating systems.
4. Update your operating system, virus protection app and other software regularly.
5. Do not install dubious browser extensions and add-ons.
6. Use firewalls for web apps, keep CMS and server software up-to-date, and back up your website regularly.