What Is Script-Based Malware?
When you hear the word “script,” you probably think of either a movie script or JavaScript. Though most of us don’t get to see movie scripts, JavaScript is a little more readily available, since it’s one of the many scripting languages that are commonly used by programmers to enhance features of websites.
The popularity of these languages, unfortunately, is now being leveraged by the bad guys, too, as scripting techniques are being used by cybercriminals to enhance the strength of their cyberattacks. In fact, now more than ever, hackers are creating script-based malware, as our researchers have stated in the McAfee Labs September 2017 Quarterly Threats Report. Let’s take a look at why script-based malware has dramatically increased over the past two years.
Evasion tactics in script-based attacks
Evasion is probably the key reason behind the popularity of this attack tactic, since scripts are easy to obfuscate and therefore difficult to detect. Plus, scripting languages are generally easier to learn and faster to code in than other languages, making them an easy sell for eager hackers. Specifically, the scripting languages these crooks are using include:
- JavaScript
- VBScript
- PHP
- PowerShell
- and others
Our McAfee Labs team has seen Bartallex, Kovter, Nemucod, and W97/Downloader, along with many other malware families, using these scripts to deliver malicious payloads to victims’ devices. For instance, in 2016, Locky was spread by using multiple obfuscated layers of JavaScript. We have also seen the execution of fileless malware with the help of a PowerShell script.
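Why layered obfuscation gets past simple content matching, and how unwrapping the layers statically restores visibility, shown as an added example that is not from McAfee or the original article. The sample is constructed and harmless; the `eval(unescape("..."))` wrapper shape, the marker string and every function name are assumptions chosen for illustration.

```python
import re
from urllib.parse import unquote

# Wrapper shape handled here: eval(unescape("%xx%xx...")). Real samples use many
# other decoders; this single pattern is an assumption made for the example.
WRAPPER = re.compile(
    r"eval\s*\(\s*unescape\s*\(\s*[\"']([%0-9A-Fa-f]+)[\"']\s*\)\s*\)")


def signature_hit(text, signature):
    """Naive content signature: plain substring match on the script text."""
    return signature in text


def peel(script, max_layers=10):
    """Unwrap layers statically (nothing is executed).

    Returns (layers_removed, innermost_text).
    """
    layers = 0
    while layers < max_layers:
        match = WRAPPER.search(script)
        if match is None:
            break
        script = unquote(match.group(1))  # ASCII-only sample, so this matches unescape()
        layers += 1
    return layers, script


def wrap_layer(js):
    """Build constructed sample input: percent-encode js inside one wrapper."""
    encoded = "".join("%{:02x}".format(ord(ch)) for ch in js)
    return 'eval(unescape("' + encoded + '"));'


# Constructed, harmless sample: a marker string wrapped in three layers.
MARKER = "DEMO-SIGNATURE-STRING"
INNER = 'var note = "' + MARKER + '";'
SAMPLE = wrap_layer(wrap_layer(wrap_layer(INNER)))


def report(script, signature):
    """Compare a signature scan on the delivered text with one on the peeled text."""
    layers, inner = peel(script)
    return {"layers": layers,
            "hit_as_delivered": signature_hit(script, signature),
            "hit_after_peeling": signature_hit(inner, signature)}


if __name__ == "__main__":
    print(report(SAMPLE, MARKER))
```

The delivered text contains only percent-encoded characters, so the substring signature misses it until all three layers are removed.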
How can you stay protected from this cyber threat?
Now, the next question is – what does this mean for you? And what can you do to protect your devices from script-based malware? The best way to protect your personal devices from script-based malware infections is to stop them before they happen. So, be sure to remain wary of downloading and installing applications that you don’t understand or trust, and always apply security updates and patches for applications and operating systems. Additionally, block cyberattacks before they happen with a comprehensive security solution such as McAfee+, which is now new and improved.