Home / malwarePDF  

Trojan:JS/Dursg.B


First posted on 18 March 2010.
Source: SecurityHome

Aliases :

There are no other names known for Trojan:JS/Dursg.B.

Explanation :

Trojan:JS/Dursg.B is a trojan that redirects Web searches performed using the Web browser Firefox and when a user performs key word searches in specific search sites.
Top

Trojan:JS/Dursg.B is a trojan that redirects Web searches performed using the Web browser Firefox and when a user performs key word searches in specific search sites. InstallationTrojan:JS/Dursg.B is installed by other malware or by visiting a malicious Web page. It arrives in the system as a Firefox mechanism that allows applications to add elements to the browser interface and is present as a file named "overlay.xul". Payload Redirects user searches When a user uses the Web browser to conduct searches using certain search engines, the browser is redirected to the following servers:

  • clickstraffik.ru
  • clickedtraff.ws
  • searchrequest2.com
  • searchrequest1.com
  • The following search engines are impacted by the trojan:
  • Google.com
  • Ask.com
  • Yahoo.com
  • AOL.com search
  • Bing.com


  • Analysis by Tim Liu

    Last update 18 March 2010

     

    TOP