Content deleted Content added
It was incorrectly stated that removing Internet Explorer from Windows will disable HTAs. This has been corrected and clarified. |
→Vulnerabilities: 4chan.hta |
||
Line 63:
==Vulnerabilities==
HTA have been used to deliver malware.<ref>{{Cite web|url=https://www.vmray.com/cyber-security-blog/spora-ransomware-dropper-hta-infect-system/|title=Spora Ransomware Dropper Uses HTA to Infect System|date=2017-01-17|website=VMRay|language=en-US|access-date=2018-12-22}}</ref><ref>{{Cite web|url=https://blog.netwrix.com/2017/06/01/nine-scariest-ransomware-viruses/|title=8 Scariest Ransomware Viruses|language=en-US|access-date=2018-12-22}}</ref> One particular HTA, named ''[[4chan]].hta'' (detected by antiviruses as JS/Chafpin.gen), was widely distributed by the users of the imageboard as a [[steganographic]] image in which the user were instructed to download the picture as an HTA file, which when executed, would cause the computer to automatically spam the website (evading 4chan's [[CAPTCHA]] in the process) there there; it was reported that such attacks were previously delivered in form of a [[JavaScript|.js]] file.<ref>{{cite web |last1=Constantin |first1=Lucian |title=4chan Flood Script Is Back with New Social Engineering Trick |url=https://news.softpedia.com/news/4chan-Flood-Script-Is-Back-with-New-Social-Engineering-Trick-151603.shtml |website=Softpedia |access-date=2021-11-09 |date=2010-08-10}}</ref>
==Example==
| |||