A new research paper published in the peer-reviewed journal PLoS ONE, claims to show how a reverse link can cause a browser to automatically download malicious programs from an external source.
Researchers from Microsoft and Adobe have discovered that when users of a popular browser visited a malicious site using a fake Google account, the browser would automatically download a malicious program known as a worm.
The malware would then install itself on the user’s computer and then execute the malware itself.
Microsoft and other web companies have been using this kind of exploit to download malware from other malicious sources and, in the past, Microsoft even stopped using the malicious domain name of the worm as a security measure.
However, in a recent research paper, Microsoft and a number of other web developers discovered that this new way of doing the reverse link could also lead to an exploit similar to the one used in a Windows backdoor.
The researchers found that the same malware would install itself to the user computer, infect a remote host, and execute code on the remote host.
The malware then downloaded itself onto the target computer.
“When a user visits a malicious web page, a small number of browser scripts can be executed,” the paper says.
“The script is called a Wiper, and it contains a series of commands that allow the user to download and execute a malware payload on the victim’s computer.
The Wiper script may be used to install malicious software on a remote machine, but this malware also downloads itself onto a user’s machine and executes it itself.”
The paper also says that these scripts could potentially be used for malicious purposes, such as malware-laden ads.
“These scripts are designed to allow the remote attacker to steal the victim user’s credentials and login credentials to a target computer,” the researchers write.
“A malicious Wiper would be able to steal these credentials and log in to a victim’s system.”
Microsoft has since announced that it would be removing the Wiper scripts from its popular Edge browser.
Microsoft says it plans to implement a mitigation mechanism to prevent these scripts from being used to download malicious content.
“These scripts have been disabled in Edge due to their potential misuse and we are actively investigating how we can prevent the use of these scripts to download other malware,” the company wrote in a blog post.
“We are also taking additional steps to help address these issues.”
While Microsoft has announced it will stop disabling the scripts, Microsoft also released a blogpost saying it plans on continuing to disable these scripts.