JS/Agent.D!tr
Analysis
This JavaScript Trojan for Windows sytstems alters the home page value for Internet Explorer. The Java code instructions responsible monitor when a web page containing the home page changing script is closed. During closure, the Trojan alters the home page to point to the domain 'netster.com'.
Recommended Action
- check the main screen using the web interface to ensure the latest AV/NIDS
database has been downloaded and installed -- if required, enable the "Allow
Push Update" option
FortiClient systems:
- Quarantine/Delete infected files detected
FortiGate systems:
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |
Version Updates
Date | Version | Detail |
---|---|---|
2019-05-07 | 68.34600 | Sig Updated |