The Department of Computer Engineering (DEI) of the Engineering Institute of Porto (ISEP), in collaboration with the Master in Computer Engineering (MEI), invites to participate in another lecture, this time with the theme “Dawn of the Dead - The Tale of the Resurrected Domain”, which will take place on 7th November, at 6 pm, at ISEP.
The event will take place in room B301.
Today, our reliance on third-party dependencies is unprecedented, encompassing the software itself and the development, build chains, and various tools designed to enhance software development efficiency. A significant portion of these dependencies includes scripts dynamically loaded from third-party servers. What if these third-party hosts fail? Typically, browsers still attempt to run the web application, often resulting in numerous console errors unnoticed by users. This is a likely reason for the lax code maintenance observed in many websites, as their applications appear to function despite these underlying issues.
The risk escalates when script hosts are permanently shut down, often leaving their domains available for purchase. This scenario has recently been exploited by attackers, who acquire these domains to inject malicious scripts into websites still linked to the original URLs. We caught one such attack, injecting malicious code into several websites. The extent of this threat was unknown until our threat-hunting journey led to the discovery of over 1,000 compromised websites. This presentation will cover the whole saga from detection to neutralization, including the various challenges faced and tools built and employed.