(JavaScript) Malvertising by Thomas Roccia (fr0gger)
Created the Tuesday 13 December 2022. Updated 5 months, 1 week ago.
Description:
In this example, a new div element is created and inserted into the webpage using JavaScript. The div contains a link to a malicious website and an image from that website, which would be displayed as an ad on the page. Of course, in a real-world scenario, the code would be more complex and obfuscated to avoid detection.
Code
<script>
// Code to insert malicious ad onto webpage
var adElement = document.createElement("div");
adElement.innerHTML = "<a href='http://malicious-site.com'><img src='http://malicious-site.com/malicious-ad.jpg' /></a>";
document.body.appendChild(adElement);
</script>