The Hacker News Logo
Subscribe to Newsletter

M86 Security detected Web exploitation attacks using AJAX

M86 Security detected Web exploitation attacks using AJAX
Security researchers from Web filtering vendor M86 Security have detected Web exploitation attacks that use AJAX to fragment the payload into small pieces of code that are harder to detect by antivirus programs and intrusion prevention systems. The attack starts on a page that contains an unsuspicious piece of JavaScript code that is similar to that commonly found on legitimate AJAX-using websites.

This code is responsible for fetching the payload in multiple chunks and assembling it back together on the client before executing it. Different pages found by M86 on the attack server exploited vulnerabilities in unpatched versions of Flash Player and Internet Explorer.

Bogdan Botezatu, an e-threats analyst at antivirus vendor BitDefender said "This attack scenario definitely has its advantages: by passing the payload in several distinct chunks, the offending packets would likely avoid interception as they pass through the firewall".


Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.