Cloudflare Page Shield: Early warning system for malicious scripts


Level 85
Thread author
Top poster
Content Creator
Malware Hunter
Aug 17, 2014
Cloudflare has released a new feature that aims to protect websites from Magecart and other malicious JavaScript-based attacks.

A typical cyberattack is introducing malicious JavaScript onto a website to redirect visitors to malicious sites, display phishing forms, exploit vulnerabilities, and steal submitted payment information.

To introduce malicious scripts on a website, threat actors will commonly add the malicious inline JavaScript to the web page, add an external malicious JavaScript dependency file under their control, or compromise an existing third-party script in a supply-chain attack.

When JavaScript is loaded from an external location as a dependency, in many cases, they go unnoticed for a long time, especially when there is no outward change in a site's user experience.
Today, Cloudflare announced a new security feature called Page Shield that will detect attacks in end-user browsers caused by malicious JavaScript dependencies.

"Our mission is to help build a better Internet. This extends to end-user browsers, where we’ve seen an alarming increase in attacks over the past several years. With Page Shield, we will help applications detect and mitigate these elusive attacks to keep their user’s sensitive information safe," Cloudflare announced today.

With today's unveiling of Page Shield, Cloudflare is starting with a 'Script Monitor' tool that will report to Cloudflare every time a visitor on a protected site executes a JavaScript dependency file in their browser.

Using these reports, Cloudflare will build a history of known scripts utilized on the site. When a new one is detected, alert the website administrator so they can investigate further. [...]