That script? It’s safe, lots of sites use it.

There are a few big JavaScript libraries out there in common usage.  These libraries provide web developers with an advanced set of tools to build powerful functionality into their sites.  One of the most commonly used is jQuery.

If you were ever curious about what a script on a site did, you could check the source and see the loaded JavaScript.  Normally when examining the source, you will see these big libraries referenced and not bother reading through them.

Because they are huge, dense, and you know and trust the code….but should you?

Not necessarily.

Malware distributers are starting to piggyback on these libraries to get their malicious code into sites.  They can simply take the enitire script file, insert a few nasty functions, and host it on an official-looking domain.

The best defense – a script whitelist on your browser (like NoScript).  Without it, you might be susceptible to an attack from one of these malicious scripts.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s