Home / malwarePDF  

Trojan:JS/BlacoleRef.P


First posted on 26 December 2011.
Source: Microsoft

Aliases :

There are no other names known for Trojan:JS/BlacoleRef.P.

Explanation :

Trojan:JS/BlacoleRef.P is a malicious JavaScript that is used by an exploit kit known as "Blackhole". If the script is run within a vulnerable computer environment, it could lead to the download and execution of arbitrary files.


Top

Trojan:JS/BlacoleRef.P is a malicious JavaScript that is used by an exploit kit known as "Blackhole". If the script is run within a vulnerable computer environment, it could lead to the download and execution of arbitrary files.


Trojan:JS/BlacoleRef.P may be encountered when visiting a compromised webpage. When run, the trojan runs obfuscated JavaScript which generates a hidden IFrame. The hidden IFrame will attempt to redirect the browser to another website that has been compromised and hosts the Blackhole exploit kit. If exploitation is successful, malware may be downloaded.

In the wild, Trojan:JS/BlacoleRef.P was observed redirecting browsers to another website such as the following:

  • turnncve.<removed>.fr/z/11




Analysis by Lena Lin

Last update 26 December 2011

 

TOP