Revision as of 14:27, 9 November 2021 edit FMecha (talk \| contribs) Extended confirmed users 6,535 edits →Vulnerabilities: 4chan.hta ← Previous edit		Revision as of 14:30, 9 November 2021 edit undo FMecha (talk \| contribs) Extended confirmed users 6,535 edits →Vulnerabilities Next edit →
Line 63: ==Vulnerabilities== HTA have been used to deliver malware.<ref>{{Cite web\|url=https://www.vmray.com/cyber-security-blog/spora-ransomware-dropper-hta-infect-system/\|title=Spora Ransomware Dropper Uses HTA to Infect System\|date=2017-01-17\|website=VMRay\|language=en-US\|access-date=2018-12-22}}</ref><ref>{{Cite web\|url=https://blog.netwrix.com/2017/06/01/nine-scariest-ransomware-viruses/\|title=8 Scariest Ransomware Viruses\|language=en-US\|access-date=2018-12-22}}</ref> One particular HTA, named ''[[4chan]].hta'' (detected by antiviruses as JS/Chafpin.gen), was widely distributed by the users of the imageboard as a [[steganographic]] image in which the user were instructed to download the picture as an HTA file, which when executed, would cause the computer to automatically spam the website (evading 4chan's [[CAPTCHA]] in the process) ~~there~~with ~~there~~alternate variants of itself; it was reported that such attacks were previously delivered in ~~form~~which ofthe user was prompted to save it as a [[JavaScript\|.js]] file.<ref>{{cite web \|last1=Constantin \|first1=Lucian \|title=4chan Flood Script Is Back with New Social Engineering Trick \|url=https://news.softpedia.com/news/4chan-Flood-Script-Is-Back-with-New-Social-Engineering-Trick-151603.shtml \|website=Softpedia \|access-date=2021-11-09 \|date=2010-08-10}}</ref> ==Example==

HTML Application: Difference between revisions