Is WebAssembly a new threat to security and is KTS dealing with?

[Toasty]

I read this article

https://www.zdnet.com/article/half-of-the-websites-using-webassembly-use-it-for-malicious-purposes/

I got worried. It seems browsers are allowing low level language execution for the purposes of speed but is also being used for malicious purposes.

The article says this:

“ while the vast majority of samples [ Wasm code] were used for legitimate purposes, two categories of Wasm code stood out as inherently malicious.

The first category was WebAssembly code used for cryptocurrency-mining.

The second category referred to WebAssembly code packed inside obfuscated Wasm modules that intentionally hid their content. These modules, the research team said, were found part of malvertising campaigns. “

 

Is Kaspersky looking into this?

[Flood and Flood's wife]

Hello  @Toasty,

Welcome!

Thank you for rasing the Topic👏

Wiki Webassembly Security considerations also discusses the potential risks. 

If KTS is licensed, please raise a request with Kaspersky Technical Support, the support team will need the information detail you've provided here. 

After submitting the request, you’’ll receive an automated email with an INC+12 digits reference number. Normally within 5 business days, a Kaspersky Lab Technical Support  (human) will contact you. You may continue to communicate with the Technical Team via email or by updating the INC in your MyKaspersky account.

Please let us know the outcome when it’s available?

Thank you🙏

[Toasty]

Hi Flood,

OK  I’ll ask them if KTS deals with these potential threats.

Yes I do have a license.

Thanks

Regards