Recent Study Estimates That 50% of Web Sites Using WebAssembly Apply It for Malicious Purposes

mood · Oct 27, 2019

Recent Study Estimates That 50% of Web Sites Using WebAssembly Apply It for Malicious Purposes
October 27, 2019
https://www.infoq.com/news/2019/10/WebAssembly-wasm-malicious-usage/

A study published in June 2019 reveals that in the Alexa Top 1 million websites, one out of 600 sites execute WebAssembly (Wasm) code. The study moreover finds that over 50% of those sites using WebAssembly apply it for malicious deeds, such as cryptocurrency mining and malware code obfuscation.

The team examined the websites in the Alexa sample over a time span of 4 days, and successfully studied 947,704 web sites, eventually visiting 3,465,320 web pages.
1,950 Wasm modules were found on 1,639 sites (roughly one site out of 600).

"The largest observed category implements a cryptocurrency miner in WebAssembly, for which we found 48 unique samples on 913 sites in the Alexa Top 1 Million.
(…) 56%, the majority of all WebAssembly usage in the Alexa Top 1 Million is for malicious purposes."
Click to expand...

Full Study: "New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild" (PDF - 535 KB): New Kid on the Web: A Study on the
Summary of the study (PDF - 506 KB): https://www.dimva2019.org/wp-content/uploads/sites/31/2019/06/DIMVA19-slides-2-R.pdf

Log in or Sign up

Recent Study Estimates That 50% of Web Sites Using WebAssembly Apply It for Malicious Purposes

mood Updates Team