Security News > 2020 > July > Barclays Bank appeared to be using the Wayback Machine as a 'CDN' for some Javascript
2020-07-03 17:30
Barclays Bank appears to have been using no less than the Internet Archive's Wayback Machine as a "Content distribution network" to serve up a Javascript file.
Archive.org went down, it would presumably break Barclays' website as well.
JS is a favourite attack vector of, among other things, the Magecart financial creds-stealing gang.
He continued: "Who would use the Internet Archive to draw in an important asset like a Javascript file, or any file for that matter?".
The professor pointed us to a Twitter thread by infosec researcher Scott Helme, who went down the rabbit hole to try to figure out why Barclays was doing such an obviously stupid thing.