What Is Script-Based Malware? How to Stay Protected from This Sneaky Cyberthreat


When you hear the word “script,” you probably think of either a movie script or JavaScript. Though most of us don’t get to see movie scripts, JavaScript is a little more readily available, since it’s one of the many scripting languages that programmers commonly use to enhance features of websites. Unfortunately, that popularity is now being leveraged by the bad guys too, as cybercriminals use scripting techniques to strengthen their cyberattacks. In fact, now more than ever, hackers are creating script-based malware, as our researchers have stated in the McAfee Labs September 2017 Quarterly Threats Report. Let’s take a look at why script-based malware has dramatically increased over the past two years.

Evasion is probably the key reason behind the popularity of this attack tactic, since scripts are easy to obfuscate and therefore difficult to detect. Plus, scripting languages are generally easier to learn and faster to code in than other languages, making them an easy sell for eager hackers.

Specifically, the scripting languages these crooks are using include JavaScript, VBScript, PHP, PowerShell, and others. Our McAfee Labs team has seen Bartallex, Kovter, Nemucod, and W97/Downloader, along with many other malware families, using these scripts to deliver malicious payloads to victims’ devices. For instance, in 2016, Locky was spread by using multiple obfuscated layers of JavaScript. We have also seen the execution of fileless malware with the help of a PowerShell script.

Now, the next question is – what does this mean for you? And what can you do to protect your devices from script-based malware? The best way to protect your personal devices from script-based malware infections is to stop them before they happen. So, be sure to remain wary of downloading and installing applications that you don’t understand or trust, and always apply security updates and patches for applications and operating systems. Additionally, block cyberattacks before they happen with a comprehensive security solution such as McAfee LiveSafe, which is now new and improved.

Learn more about other topics explored in the McAfee Labs Quarterly Threats Report by checking out our blog on Faceliker malware. And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

Categories: Consumer Threat Notices