JavaScript Exploit attempt on forum

Kreelor · 11-10-13, 04:30 PM

I just now encountered this JavaScript Exploit attempt while I was trying to upload an image (using the "Manage Attachments" option on the Carbonite user's forum.

Just thought I'd let you know.

Vlad · 11-10-13, 09:15 PM

The minified jquery script might trigger obfuscation warnings, but in reality it's just code that is purposefully made as compact as possible to save bandwidth.

I'd consider this a false-positive response from AVG and I wouldn't worry about it.

The only thing the admins can do is check and make sure their jquery file is not compromised - something I highly doubt.

***Dolby*** · 11-10-13, 09:23 PM

Thanks, just landed back home from BlizzCon. I will double check everything tonight. Most likely a false positive.

***Dolby*** · 11-10-13, 10:19 PM

Yup, everything looks good code wise and even virus total is happy...

https://www.virustotal.com/en/url/19...is/1384143335/

Google says we are clean too...

http://www.google.com/safebrowsing/d...winterface.com

If you get the alert again make sure your virus defs are being updated because if its getting a false positive on that it should be going off on a lot of other sites since its standard jQuery

Phanx · 11-11-13, 05:55 PM

I had to laugh at this one. If "obfuscated JavaScript" qualifies as an "exploit" then the majority of the websites on the Internet should be triggering warnings, since "obfuscation" is a pretty standard part of code minification, which is a pretty standard part of optimizing your website to load as quickly as possible.