Home > Cyber News > Gmail Bans JavaScript .JS Attachments to Counter Malware
CYBER NEWS

Gmail Bans JavaScript .JS Attachments to Counter Malware

by   |  Last Update:  |  0 Comments  

February 13, 2017, is the day when Google will stop allowing JavaScript attachments on Gmail. These attachments are indeed the most popular way for malware to sneak into a user’s system. More particularly, users will not be able to attach .JS files to emails, and it won’t matter if they attach them directly or include them in archives such as .gz, .bz2, .zip or .tgz.

Related Story: Porn Clicker Trojan Hides in Google Play Apps, Check Your Android

The list of file attachments banned by Google includes the following:

.JS, .ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JSE, .LIB, .LNK, .MDE, .MSC, .MSP, .MST, .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF, .WSH.

.JS Files in Malware Distribution

All of the attachments have been deployed in malware distribution campaigns and thus the ban by Google. JavaScript files particularly have been long favored by cybercriminals, mainly because they can be executed directly on Windows via the Windows Script Host component.

Related Story: Protect Yourself from Getting Infected by Malicious E-mails

.JS files are usually obfuscated and are used as downloaders for malware, especially ransomware such as TeslaCrypt and Locky. There are also ransomware pieces completely coded in JavaScript, like RAA.

How Does Obfuscation Work?

Obfuscators have been used in malware distribution for quite some time Their main purpose is to conceal the binary code of programs so that cybercriminals may be able to prevent the competition from stealing it and copying it. Obfuscators conceal the contents of the malicious files so that they can evade anti-malware software.

Related Story: Obfuscation In Malware

Besides .JS, other files can be deployed in a similar way such as .VBS, .VBE, .WSH, and .WSF. Luckily, Google blocks all of them.

Users are strongly advised not to open a file type they don’t know or don’t recognize. Make sure to always check the sender. If it seems dubious, it most certainly is!

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. Top 6 Advanced Obfuscation Techniques Hiding Malware on Your Device Increasingly more sophisticated and innovative ways are being developed by...
  2. Remove Www.search-story.com Browser Hijacker This article will help you to remove www.search-story.com fully. Follow...
  3. Coin Miner Viruses – How Do I Protect Myself (JavaScript and Trojans) This article has been created with the purpose to explain...
  4. Apple Bans Cryptocurrency Miners from the App Store Apple has started restricting the inclusion of cryptocurrency miners from...
  5. Spam in 2018: Beware ZIP, .DOC, .XLS, .PDF, and .7Z File Attachments New security statistics reveal that spam is one of the...
  6. Roskomnadzor Bans 1.8 Million Google and Amazon IP Addresses strong>Roskomnadzor, Russia’s telecommunications watchdog, banned today over 1.8 million IP...
  7. CoinImp Coin Miner Virus (JavaScript) – How to Remove It and Stop It This article has been created in order to explain what...
  8. Locky File Virus 2017: Beware Emails with Twice-Zipped Attachments Locky file virus, or Locky ransomware, is being spread once...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree