Have you really never heard of malware from JavaScript? Buffer overflows and sandbox escapes are almost all JavaScript, still, hasn’t changed in the last decade. Sometimes it’s a random font parser library or something, but almost always it’s JavaScript. And now that browsers are auto-updating and they have fully staffed security teams behind them that get word of a vulnerability being secretly exploited before the general public, most people don’t get hit just because they browsed to a random website. But it’s still possible, and especially likely that a shady torrent site could be hosting malware or get ““hacked””.
Malicious javascript seeks to bypass security controls. It’s one of the reasons NoScript is a thing. It could be a malware loaded from an ad. Biggest reason for adblockers imo.
Check out this link for learning about this stuff.
I’ve read that article. It is complete garbage and doesn’t explain anything at all. It’s just standard cookie cutter fear mongering to sell some random antivirus software.
That article is for lay-persons and really an awareness article I surmise. If you’re technical you are likely already aware of the security concerns with jacascript.
In theory, that shouldn’t even be possible with JavaScript. There’s such a thing as same-origin policy for that exact reason…
Have you really never heard of malware from JavaScript? Buffer overflows and sandbox escapes are almost all JavaScript, still, hasn’t changed in the last decade. Sometimes it’s a random font parser library or something, but almost always it’s JavaScript. And now that browsers are auto-updating and they have fully staffed security teams behind them that get word of a vulnerability being secretly exploited before the general public, most people don’t get hit just because they browsed to a random website. But it’s still possible, and especially likely that a shady torrent site could be hosting malware or get ““hacked””.
Malicious javascript seeks to bypass security controls. It’s one of the reasons NoScript is a thing. It could be a malware loaded from an ad. Biggest reason for adblockers imo.
Check out this link for learning about this stuff.
https://heimdalsecurity.com/blog/javascript-malware-explained/
I’ve read that article. It is complete garbage and doesn’t explain anything at all. It’s just standard cookie cutter fear mongering to sell some random antivirus software.
That article is for lay-persons and really an awareness article I surmise. If you’re technical you are likely already aware of the security concerns with jacascript.