Third-party JavaScripts on sites pose attack risks to organisations


Researchers have recently identified a high chance of websites being exposed through third-party JavaScript, with the further concern that threat actors have an easy way to exploit these scripts to inject malicious code into the sites.

Normally, a webpage instructs the browser to load a third-party script from an external server that belongs to a third-party vendor. Because the script travels from the vendor's server to the visitor's browser, it usually bypasses web application firewalls, perimeters, and network monitoring tools. This gives hackers a straightforward way to propagate malicious code into the website’s environment through third-party scripts.

Many script developers include code sourced from other developers, who might in turn have obtained their scripts from many other developers. This worsens the issue of third-party JavaScript being abused for cyberattacks.

Companies and organisations have long embedded third-party scripts in their websites to integrate features such as dynamic forms, order and payment processing, shopping carts, social media buttons, and more.

Some sectors, such as the healthcare and financial industries, use third-party JavaScript at a higher rate than others. According to a security analyst, threat operators are attracted to financially motivated attacks on websites that often handle transactions or collect users’ personal information.

Several incidents have already been recorded in which hackers leveraged third-party scripts to infiltrate websites and steal data, including users’ personal and financial data. They have also abused the scripts to carry out phishing attacks, log keystrokes, and conduct other malicious activity.

For instance, a notorious hacking group dubbed Magecart is known for stealing people’s payment card data through card-skimming software that it injects into a third-party script used on retail businesses’ websites.

Cybersecurity experts stressed that the abuse of third-party JavaScript remains an open avenue for hackers to compromise websites worldwide. Thus, it is highly recommended to establish strong security protocols within websites, including partnering with enterprise security teams to help safeguard an online business environment from cyberattacks.
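
As a first step toward such protocols, the following added example (not code from the researchers or any vendor mentioned here) inventories the external scripts a page tells the browser to fetch and flags third-party ones that are not pinned with a Subresource Integrity `integrity` attribute. The page URL, hostnames and sample HTML are constructed, and the regex-based tag scan assumes well-formed markup.

```javascript
// Constructed sample page; every hostname and the integrity value are placeholders.
const SAMPLE_HTML = `
<html><head>
  <script src="/static/app.js"></script>
  <script src="https://cdn.vendor-a.example/widget.js"
          integrity="sha384-CONSTRUCTEDPLACEHOLDER" crossorigin="anonymous"></script>
  <script src="//pay.vendor-b.example/checkout.js" async></script>
  <script>console.log("inline, no src");</script>
</head></html>`;

// Parse the attribute text of one <script ...> opening tag into a map.
function parseAttrs(attrText) {
  const attrs = {};
  const re = /([^\s=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  for (const m of attrText.matchAll(re)) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? "";
  }
  return attrs;
}

// List every external script and mark which ones come from another host.
// Assumption: "third party" means any host other than the page's own host,
// so sibling subdomains of the site are also reported.
function auditScripts(html, pageUrl) {
  const page = new URL(pageUrl);
  const findings = [];
  for (const m of html.matchAll(/<script\b([^>]*)>/gi)) {
    const attrs = parseAttrs(m[1]);
    if (!attrs.src) continue; // inline script, served by the site itself
    const url = new URL(attrs.src, page); // resolves relative and //host forms
    const thirdParty = url.host !== page.host;
    findings.push({
      src: url.href,
      host: url.host,
      thirdParty,
      // Without an integrity hash the browser runs whatever the vendor serves.
      unpinned: thirdParty && !attrs.integrity,
    });
  }
  return findings;
}

// Convenience view: the scripts that deserve review first.
function unpinnedThirdParty(html, pageUrl) {
  return auditScripts(html, pageUrl).filter((f) => f.unpinned).map((f) => f.src);
}

console.table(auditScripts(SAMPLE_HTML, "https://shop.example/cart"));
```

Running the same audit on a schedule and comparing the host list against an approved vendor list shows when a new script origin appears on a page.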
