Browser gets safety add-on
Hyderabad-based C-DAC develops new safety product.
Hyderabad: If you are worried about malwares and viruses attacking your browsers, city-based C-DAC has a simple solution for you: an add-on to the browser.
The add-on — JS Guard — will get active whenever you use the browser and malicious attacks.
According to CDAC Hyderbad centre director E. Magesh, JSGuard detects and defends malicious HTML and JS attacks made through the web browser based on Heuristics.
“If the user visits any malicious web pages, it alerts him about the threat. Apart from this, the browser protects online transactions from malicious redirection, detects financial attacks, detects password stealing attacks, protects the user from exploit site brenz.pl,” Mr Magesh said.
www.brenz.pl is an exploit site pre-loaded with an exploit kit called Eleonore. It is a dangerous domain, especially created to propagate rogue programmes, Trojan horse and browser hijacker, which can freeze the system. It may also lead to identity theft, financial loss and permanent file deletion.
“Sometimes even legitimate websites may be infected with malwares. JS Guard alerts users on such hidden iframes. It protects the user from websites with pre-loaded exploit kits. In all such attacks, the malware sends a request to the hacker when the site is opened. But JSGuard prevents such interaction and protects the user,” Mr Magesh said.
The browser also detects certain banking trojans and stops redirecting of user from Modified HTML pages of target websites for information stealing purposes.
“In some sites javascripts are manipulated, due to which whenever the user tried to log into his account, the site collects and saves the user credentials and passwords. All such attacks can be detected and alerted with JSGuard.” he said.
JS Guard can even detect Tabnabbing which is a new way of targeting online accounts. “When a user is operating multiple tabs on a browser and when he switches back to one from the other, the browser asks him to log in with user id and password once again. But actually an intruder could have hacked the user’s operating system with a different url, which is similar to that of the original site. All such redirection to the user’s redirection websites can be prevented by JSGuard.” Mr I.L. Narasimha Rao, project manager, ISEA, CDAC Hyder-abad centre, said.