Ghost of HTML5 Future: Web Browser Botnets


April 27, 2012 By The Vigilant Application Owner

April 27, The Register ­ (International) Ghost of HTML5 future: Web browser botnets. During a presentation at the B-Sides Conference in London, England, April 25, a senior threat researcher at Trend Micro outlined how HTML5 could be used to launch browser-based botnets and other attacks. The new features in the revamped markup language ‹ from WebSockets to cross-origin requests ‹ could cause major issues for the information security arena and turn browsers such as Chrome and Firefox into complete cybercrime toolkits. Many attack scenarios involve using JavaScript to create memory-resident “botnets in a browser,” the researcher warned, which can send spam, launch denial-of-service attacks, or worse. Because an attack is browser-based, anything from a Mac OS X machine to an Android smartphone can run the platformneutral code, simplifying the development of malware. Creating botnets by luring users into visiting a malicious Web page, as opposed to having them open a booby-trapped file that exploits a security flaw, offers many advantages to hackers. Malicious Web – 15 – documents held in memory are difficult to detect with traditional file-scanning antivirus packages, which seek out bad content stored on disk. JavaScript code is also very easy to obfuscate, so network gateways that look for signatures of malware in packet traffic are easy to bypass ‹ and HTTP-based attacks pass through most firewalls.

Source: http://www.theregister.co.uk/2012/04/27/html5/