Explaining the "Mystery Code"

Currently the population of the Internet in India and also the media is talking about the "script injection" discovery that Thejesh GN (@thej) made, who claims to be a programmer.

Our country's Telecorps like Airtel, Vodafone, Aircel to name a few have been always a victim of allegations regarding their service and their quality.

About the Script Injection

The same thing happened a few days back when the aforementioned coder claimed to make a break-through discovery of a malicious and mysterious script that was being inserted in every website he visited.

The only proof and reproduction of the script injection was demonstrated with this screenshot of the source code of "thej.in" where a JavaScript code (the de facto scripting language of the web) was added in the website's source.

source: Trak.in

This is the complete HTML markup that the coder wanted to show was this:
<script type='text/javascript' src=''></script>

Apart from that there were no explanations or any other research which proved how the injected script got there and most importantly what it did!

I checked the host IP address on a IP tracer and it looks like it is being hosted in Bangalore, India and the ISP is Airtel. That is what I think led the coder assume that Airtel played with the privacy with this mere JavaScript code.

The Coder Got A Notice from FlashNetwork 

The main thing that actually sparked the news was the discoverer getting a noticed for explicitly posting the code on his Github Repository. The Israeli company Flashnetwork consequently filed a DMCA complaint and also sent a notice to him for the takedown of the code and it was taken down.

I when read the news on a blog too thought this might be something very serious if a professional/qualified programmer have made the discovery and warned people about this and searched for the code that was the center of the topic.

Explaining The Mysterious Code that Might Compromise your Privacy

That's what the coder claimed. But later when I found the code it was this:
 * Automatically executed if DOM is ready
$(function() {
        transitionDuration : 1200

 * anchor.js - jQuery Plugin
 * Jump to a specific section smoothly
 * @dependencies jQuery v1.5.0 http://jquery.com
 * @author   Cornel Boppart 
 * @copyright  Author
 * @version  1.0.5 (02/11/2014)

;(function ($) {
 window.anchor = {
   * Default settings
  settings: {
   transitionDuration: 2000,
   transitionTimingFunction: 'swing',
   labels: {
    error: 'Couldn\'t find any section'

   * Initializes the plugin
   * @param {object} options The plugin options (Merged with default settings)
   * @return {object} this The current element itself
  init: function (options) {
   // Apply merged settings to the current object
   $(this).data('settings', $.extend(anchor.settings, options));

   return this.each(function () {
    var $this = $(this);

    $this.unbind('click').click(function (event) {

   * Gets the top offset position
   * @param {object} $object    The root object to get sections position from
   * @return {int}  topOffsetPosition The top offset position
  getTopOffsetPosition: function ($object) {
   var href = $object.attr('href'),
    $section = $($(href).get(0)),
    documentHeight = $(document).height(),
    browserHeight = $(window).height();

   if (!$section || $section.length < 1) {
    throw new ReferenceError(anchor.settings.labels.error);

   if (($section.offset().top + browserHeight) > documentHeight) {
    return documentHeight - browserHeight;
   } else {
    return $section.offset().top;
   * Jumps to the specific position
   * @param {int}  topOffsetPosition The top offset position
   * @param {object} settings   The object specific settings
   * @return {void}
  jumpTo: function (topOffsetPosition, settings) {
   var $viewport = $('html, body');

    {scrollTop: topOffsetPosition},

    // Stop the animation immediately, if a user manually scrolls during the animation.
   $viewport.bind('scroll mousedown DOMMouseScroll mousewheel keyup', function(event){
    if (event.which > 0 || event.type === 'mousedown' || event.type === 'mousewheel') {
     $viewport.stop().unbind('scroll mousedown DOMMouseScroll mousewheel keyup');


 $.fn.anchor = function (method) {
   // Method calling logic
  if (anchor[method]) {
   return anchor[method].apply(this, Array.prototype.slice.call(arguments, 1));
  } else if (typeof method === 'object' || !method) {
   return anchor.init.apply(this, arguments);
  } else {
   return $.error('Method ' + method + ' does not exist on jQuery.anchor');


As being a professional web developer I analyzed the code and found that this is nothing but a mere script that provides smooth scrolling effect on websites. And it was nothing like what the person was successful in making people believe it was.

I can't start to wonder what led Thejesh assume that the code was something injected suspiciously by Airtel to exploit their privacy. But whatever it was, it was not right and not true either.

Taking Sides?

Sorry, not. There is nothing like taking the side of the Telecorps to protect them. Through my research this is what I found. This case is a case of ignorance on the part of the coder who spread this and the people who believed this without researching much.

On the side note I have been on Airtel's network and honestly that IP address or no similar script nor any script was ever injected into the sites. Though it is to note that ISPs do insert small snippets of codes, for example the mobile Facebook site where they insert their home page's link but that's all. Anything unethical is wrong, and should be acted against.