QTDEI: "Dawn of the Dead - The Tale of the Resurrected Domain"
04-11-2024

The Department of Computer Engineering (DEI) of the “Instituto Superior de Engenharia do Porto” (ISEP), in collaboration with the Master's in Computer Engineering (MEI), invites you to attend the lecture “Dawn of the Dead - The Tale of the Resurrected Domain”, which will take place on November 7th, at 6 p.m., in room B301.

Abstract

Today, our reliance on third-party dependencies is unprecedented, encompassing the software itself and the development, build chains, and various tools designed to enhance software development efficiency. A significant portion of these dependencies includes scripts dynamically loaded from third-party servers. What if these third-party hosts fail? Typically, browsers still attempt to run the web application, often resulting in numerous console errors unnoticed by users. This is a likely reason for the lax code maintenance observed in many websites, as their applications appear to function despite these underlying issues. 

The risk escalates when script hosts are permanently shut down, often leaving their domains available for purchase. This scenario has recently been exploited by attackers, who acquire these domains to inject malicious scripts into websites still linked to the original URLs. We caught one such attack, injecting malicious code into several websites. The extent of this threat was unknown until our threat-hunting journey led to the discovery of over 1,000 compromised websites. This presentation will cover the whole saga from detection to neutralization, including the various challenges faced and tools built and employed. 
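An added example, not part of the talk or of Jscrambler's tooling: a defender-side audit in Python that inventories the third-party script hosts a page depends on (so their registration can be watched for expiry) and flags any loaded without Subresource Integrity, the browser check that stops a resurrected domain from serving a different file under the old URL. The HTML, host names and hash values are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page: one same-origin script, one properly pinned
# third-party script, one abandoned-looking host with no SRI, and one with
# integrity but no crossorigin attribute. Hashes are placeholders, not real.
SAMPLE_HTML = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.example-cdn.test/lib.min.js"
        integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="//widgets.defunct-analytics.test/tracker.js"></script>
<script src="https://cdn.another-vendor.test/ui.js"
        integrity="sha384-PLACEHOLDER"></script>
</head><body></body></html>
"""


class ScriptCollector(HTMLParser):
    """Collect the attribute map of every <script> tag that has a src."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "script":
            a = dict(attrs)  # attribute names arrive lowercased
            if a.get("src"):
                self.scripts.append(a)


def _external_scripts(html, page_url):
    """Yield (host, attrs) for scripts whose host differs from the page's."""
    page_host = urlparse(page_url).hostname
    collector = ScriptCollector()
    collector.feed(html)
    for attrs in collector.scripts:
        src = attrs["src"]
        # protocol-relative "//host/path" needs a scheme before urlparse sees a host
        host = urlparse("https:" + src if src.startswith("//") else src).hostname
        if host is not None and host != page_host:
            yield host, attrs


def third_party_hosts(html, page_url):
    """Inventory of external script hosts: the set to monitor for expiry."""
    return {host for host, _ in _external_scripts(html, page_url)}


def audit_third_party_scripts(html, page_url):
    """Return (host, src, reason) for every external script a takeover could swap."""
    findings = []
    for host, attrs in _external_scripts(html, page_url):
        if not attrs.get("integrity"):
            findings.append((host, attrs["src"], "no SRI integrity attribute"))
        elif "crossorigin" not in attrs:
            # cross-origin SRI only passes when the request is made with CORS
            findings.append((host, attrs["src"], "integrity set but crossorigin missing"))
    return findings
```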

Bio

Pedro Fortuna, CTO and Co-Founder, Jscrambler 

Initially, he taught security and computer science courses for about five years. However, he ended up falling in love with the fast-paced world of entrepreneurship. He started Jscrambler, where he leads all security research and drives the company's product innovation in application security. He has more than 15 years of experience researching and working on web security. He is a contributor to OWASP and a regular speaker at various international security conferences. His main research interests lie in Application Security, Web Security, Reverse Engineering, Malware, and Software Engineering. He builds solutions that require code rewriting, sandboxing, or both. PCI-SSC BoA. Author of several patents in application security. Chapter leader for OWASP Porto.

Organization

This lecture is organized by QTDEI in collaboration with the Master in Informatics Engineering (MEI) of the “Instituto Superior de Engenharia do Porto” (ISEP).