(JavaScript) Malvertising by Thomas Roccia

Created the Tuesday 13 December 2022. Updated 1 month, 2 weeks ago.

Description:

In this example, a new div element is created and inserted into the webpage using JavaScript. The div contains a link to a malicious website and an image from that website, which would be displayed as an ad on the page. Of course, in a real-world scenario, the code would be more complex and obfuscated to avoid detection.

Code

            <script>
  // Code to insert malicious ad onto webpage
  var adElement = document.createElement("div");
  adElement.innerHTML = "<a href='http://malicious-site.com'><img src='http://malicious-site.com/malicious-ad.jpg' /></a>";
  document.body.appendChild(adElement);
</script>