JavaScript obfuscator: Overview and technical overview

JavaScript has long been used as a method of hiding malicious payloads, especially via websites. A new development has seen this technology leveraged as a phishing email attack vector.

When it comes to scripting languages, few are as well known, or well implemented, as JavaScript. It is used in web applications and is very popular thanks to its ease of use, massive libraries and the fact that it runs on almost any computing platform.

Parts of these positive attributes have created a real danger for unwitting email users. JavaScript is being utilized in phishing attacks where JavaScript code is being injected into target computers. Phishing attacks that use this kind of method to infect target machines with malicious code have increased by over 70%, as reported by Akamai researcher Or Katz. 

The following shows the attack types and increases from the report:

Content escaping obfuscation techniques, 72% Base64 encoding, 800% HEX encoding variable name obfuscation, 86% Eval execution obfuscation, 400%

There are a few reasons why these kinds of attacks have suddenly become popular, primarily because JavaScript is a client-side scripting language. This means that once the script has run on a target computer, the user or

Read More: