Cannot comment, really, because we all here are volunteers. We do not have influence in such respects.
It is for avast team to decide what definitions they will launch for genuine and also for heuristic detections.
Understandable, it is their product, their definitions…
Would be interesting to find what threat analyzing programs will come up with,
apart from what VT has to show us.
As long as JavaScript is around, since the days of Brendan Eich developing the language,
it has been a two-pointed sword in many respects.
I work retire.js, node.js. It still stays a real can of worms, somewhat like what php is in the hands of many developers.
A script blocker of sorts like NoScript and uMatrix (alas now left by it’s developer, probably because upcoming extension restrictions)
is a solution that always works against such threats (all of them, even those foreseeable in the future).
But end-users also have to reckon with what Big Tech and overseeing organizations have decided for us.
That’s the world we live in. Have a good week.
polonus (volunteer third party cold recon website security analyst and website error-hunter)
I see. Yeah, I know about NoScript and have used it in the past briefly in the past. I mainly used uMatrix for a long time and even uBlock Origin in medium/hard mode. They are great for protection, but configuring them can be cumbersome, specially initially.
Then I got lazy and even gave up uBO medium mode. So now just using easy mode.
But this particular script is a first party script, not third party, so that’s an issue for uBlock Origin.
Avast still hasn’t added any detection, so looks like they don’t consider it dangerous enough. It’s alright I guess since you said this script itself is a legit script. So, not a problem.
I also work Browser JS Guard extension inside epic browser to be alerted to hidden iFrames-redirections, unauthorized redirections, encoded javascript, external domain requests and trackers on websites (this is an extension supported by cert-in and the government of India). Found this extention well worth installing.
In the case of apparent legit scripts that may be or come abused, there must obviously be a suspicious way to get them onto your device. They do not land there or aren’t produced in a way as your operational system is used to get them (have such files launched, and in/from different places).
It can also be files renamed by malcreants to show off as legit ones. So do not open phishy links, mind alerts by the above extension etc. When something feels risky or not hunky dory, it often is. Curiosity killed the proverbial animal, you know.