Cybersecurity researchers have identified a large-scale, stealthy campaign involving the use of obfuscated JavaScript injections called JSFireTruck that hijack legitimate websites to deliver malware and scams. These attacks utilize sophisticated techniques like fingerprinting and dynamic hosting to evade detection and target victims selectively. #JSFireTruck #HelloTDS
Keypoints
- The campaign infects thousands of websites using obfuscated JavaScript code called JSFireTruck.
- The malicious code detects website referrers and redirects search engine traffic to malicious URLs.
- Over 269,000 web pages were infected between March and April 2025, with a significant spike on April 12.
- The HelloTDS service is used to redirect victims to scams or malware by injecting JavaScript into websites.
- Attackers employ fingerprinting and multi-stage hosting to evade detection and target specific victims.
Read More: https://thehackernews.com/2025/06/over-269000-websites-infected-with.html