obfuscated javascript code is detected as Trojan:JS/PhishingLogin.A by MS Defender #1189
sehoonmin89
started this conversation in
General
Replies: 1 comment
-
I had same problem when using it on my electronjs software node side because of new Function() function Here is my solution: const JavaScriptObfuscator = require('javascript-obfuscator');
const UglifyJS = require('uglify-js');
function obfuscateJSFile(filePath) {
const inputJS = fs.readFileSync(filePath, 'utf8');
const obfuscatedCode = JavaScriptObfuscator.obfuscate(inputJS, {
...
ignoreImports: true,
target: 'browser-no-eval',
}).getObfuscatedCode();
const minifiedJS = UglifyJS.minify(obfuscatedCode, { mangle: true, ie8: true, webkit: true }).code;
fs.writeFileSync(filePath, minifiedJS);
return;
} |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Today, I found out that my project's CI process is not working anymore. The reason was that one of the obfuscated files is detected as malware by Windows Defender.
Here is the link for reference: link.
obfuscation command is :
I thought
--self-defending true
option might be a reason so I tuned off, than It caught as virus/malware intermittently. (likely 25% chance. before that, 100% chance)The file that gets detected changes randomly every time I run the obfuscator. What should I do? or any clues?
P.S. Sorry for my poor English.
Beta Was this translation helpful? Give feedback.
All reactions