Google starts blocking JavaScript attachments in Gmail


There’re many ways to distribute malware – Word documents that use macros is one of them, but it’s also one of the most popular. And then there’re .js files that use JavaScript to download corrupted executable files from sites controlled by cybercriminals. And Google seems to have found a solution to this – it all ends on February 13, as, according to their blog post, this is the date when sending .js files from Gmail will be forbidden. This may certainly irate some users, as not all of them use JavaScript with bad intentions. Besides, .svg files can also execute a JavaScript code, and, while banning those is also possible, it may lead to people abandoning their Gmail accounts in favor of those that don’t have such strict rules. On the other hand, .js files were used to overtake Yahoo! accounts just last year, and Microsoft also reported seeing spam campaigns that had this extension at the forefront. And, to give Google some credit, you will still be able to send those files via Google Drive and Google Cloud Storage.

But it should be mentioned that .svg files were also used to carry out other attacks. It was just last November that Facebook users were receiving images in this exact format – opening those led to a fake YouTube site that offered to download a malicious Chrome extension to watch the video. And, of course, it was a scam – doing so actually resulted in a computer being infected by Locky ransomware.

But cybercriminals never stop. Security researchers at Trustwave discovered the spam campaign that had distributing ZIP archives with .jvs files as its main goal. Those files also used JavaScript code and installed a Trojan called Ursnif when they were opened. And this campaign happened in January of this year. So it’s pretty much a given that con artists will come up with something else to distribute malicious programs.

We also need to point out that Google restricts sending .exe, .jse, .ade, .msc, .bat, and .adp files. And while it’s certainly understandable that the company wants to protect its reputation, as well as their clients, forbidding something rarely leads to desired results, and users of other email providers suffer the consequences, as cybercriminals double their efforts of sending malware.

Still, we don’t deny that certain measures need to be taken to combat them successfully, and while some of those may appear drastic at first, there’s a chance that they will make more sense in the future. So we have to just wait and see. And in the meantime, remind everyone to stay away from emails that come from unfamiliar addresses – opening those is dangerous, as they very often contain viruses. There’re few things worse than having your workday disrupted due to a computer being infected with a virus, and you need to do everything you can to prevent something like this from ever happening to you. Having security software installed also helps – but make sure to keep it updated, as new threats are always being developed and released, and one of them just might slip through the cracks.

The situation is not as grim as it may seem – there’re a lot of viruses on the Internet, sure, but if you don’t put yourself under unnecessary risks, everything will probably be alright with your system. And don’t panic if it has been infected – security researchers are always on the lookout for solutions, and many viruses can be cured. So keep your visits to suspicious webpages to a minimum, avoid clicking on advertisements and corrupted links, and your computer will stay safe, stable and protected. Just the way it should be.



Please enter your comment!
Please enter your name here