Google has announced that, starting February 13, it will begin blocking .js files as Gmail attachments due to increasing security concerns.
This is not the first time Google has restricted file attachments. Once the change is implemented, anyone who attempts to attach a .js file will see an in-product warning explaining why. See image below.
Google already blocks more than 30 file types as attachments in Gmail, including .cmd, .exe, .jar, .lib, .scr, .vbs and many others.
Google acknowledged that some businesses need to share .js files. Those files will not be allowed in emails, but businesses will be able to share them via Google Drive or other cloud storage solutions.
The Feb. 13 start date will be rapid release only, Google said, with a scheduled release set for two weeks later.
The decision follows a rapid rise in threats involving .js files, which cyber-criminals use in their operations to spread banking malware, ransomware, click-fraud and adware, and for other malicious purposes.
Just a few days ago, there appeared to be a surge in a new cybercrime campaign spreading the Cerber ransomware via email-based attacks. The attackers have been using .js files embedded inside two .zip files, which download the Sage 2.0 ransomware from a third-party site.
The same applies to macro-based malware, which is used to infect endpoints with crypto-ransomware.
A few good examples are the malware campaigns of Kovter, Miuref and the Corebot Trojan, which mainly focused on stealing credentials before it became a huge banking malware.
One of the most annoying ransomware families, Locky, is spread via .js downloaders. It is still a threat today, and people became more aware of it when it affected hospitals in Hollywood and Kentucky.
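Because the campaign described above hid its .js file inside two .zip layers, an extension check on the outer attachment name alone would miss it. The following is an added example, not code from Google or from this article: a mail-filter style check that walks nested archives and reports members with blocked extensions. The blocklist holds only the extensions named above; the depth and size limits and the sample attachment are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Extensions named in the article; Gmail's full blocklist is longer.
BLOCKED = {".cmd", ".exe", ".jar", ".lib", ".scr", ".vbs", ".js"}
MAX_DEPTH = 4                   # assumed nesting limit
MAX_MEMBER = 10 * 1024 * 1024   # assumed per-member size cap (zip-bomb guard)


def is_blocked(name):
    # Windows drops trailing dots and spaces, so "x.js." still opens as "x.js".
    return PurePosixPath(name.lower().rstrip(". ")).suffix in BLOCKED


def find_blocked(name, data, depth=0, trail=""):
    """Return nested paths ("a.zip!b.zip!x.js") of blocked or uninspectable files."""
    path = f"{trail}!{name}" if trail else name
    hits = [path] if is_blocked(name) else []
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return hits
    if depth >= MAX_DEPTH:
        return hits + [path + "!<too-deep>"]
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                inner = f"{path}!{info.filename}"
                if info.is_dir():
                    continue
                if info.flag_bits & 0x1:   # encrypted: name readable, content not
                    hits.append(inner if is_blocked(info.filename) else inner + "!<encrypted>")
                elif info.file_size > MAX_MEMBER:
                    hits.append(inner + "!<too-large>")
                else:
                    hits += find_blocked(info.filename, zf.read(info), depth + 1, path)
    except zipfile.BadZipFile:
        hits.append(path + "!<unreadable>")
    return hits


def _zip(members):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member_name, content in members.items():
            zf.writestr(member_name, content)
    return buf.getvalue()


def sample_attachment():
    """Constructed sample: a harmless stub named .js inside two zip layers."""
    inner = _zip({"invoice.js": b"// constructed placeholder", "readme.txt": b"hi"})
    return _zip({"inner.zip": inner})
```

Members the filter cannot inspect (encrypted, oversized, too deeply nested or unreadable) are reported rather than silently passed, so a policy layer can decide whether to quarantine them.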