Almost 25% of Weaponized JavaScript Samples are Obfuscated To Evade Detection

In this case, we constantly need to keep our eyes open and stay aware of such destructive techniques or approaches utilized by the danger stars by monitoring the trends and examining the evolution of these kinds of destructive strategies or methods that are made use of in the wild by the attackers.

In the above image, you can see examples in which how the same unique packer functionality is used to identify and obfuscate any harmful JavaScript code.


While has exposed that amongst 20,000 top-ranked sites there are 0.5% of sites, which contain ingrained, obfuscated JavaScript code. It doesnt suggest that all these websites are harmful given that they utilize this to keep their web code private from the public.

These 10,000 malicious JavaScript samples cover threats like:-.

According to the report, While in the case of 20000 tp-ranked websites, this circumstance absolutely change, given that it depicts a different story, as they utilize obfuscation for genuine purposes like:-.

Malware droppers.

Now why its getting made complex? Its getting made complex due to the use of obfuscation for legitimate functions, and this indicates that it cant be constantly flagged as malicious..

You can follow us on Linkedin, Twitter, Facebook for day-to-day Cybersecurity updates.

In the current period of the risk landscape, the accessibility of restricted resources, and every millisecond counts, perform a vital function. Given that there are always ongoing wars in between cybercriminals and defensive forces.

Though its not thought about a new technique, making use of JavaScript obfuscation clearly shows that how quickly risk stars are still adopting this approach to evade detection.

Phishing pages.
Cryptominers malware.

To hide a few of their client-side code functionality.
Code that was obfuscated by a third-party provider.
The obfuscation of sensitive information like email addresses.

It implies if any JavaScript code serves dangers such as phishing, malware droppers, or scammers then it might be easily detected by utilizing the unique performance of Packers.

When it comes to packers, at that point its everything about compressing or securing code. Simply put, its a technique through which the developers compress or secure their code to make it unreadable or non-debuggable.

This tremendous portion clearly suggests that how quickly threat actors are embracing obfuscation methods to evade detection. For destructive purposes, JavaScript obfuscation is not solely utilized always.

After evaluating more than 10,000 harmful JavaScript samples its being concluded by the security experts of Akamai that about 25% of the examined harmful samples evade detection by utilizing JavaScript obfuscation methods.

Packers have unique performance that will be quickly provided at the SecTor 2021 conference, by utilizing this function anybody can find JavaScript prior to its being obfuscated.