JS/Agent.NVS!tr
Analysis
This indicates an attempt at hidden HTML injection. Attackers often compromise websites by injecting hidden HTML redirector tags into their web pages. Malicious files can be downloaded when these infected web pages are visited.
Technical Details
This malware is an encrypted script and will insert HTML redirector tags into the HTML document in the current browser window. The hidden HTML tags allow the browser to connect to another URL in the background. In this case, the URL is malicious and tries to further download a trojan.
Recommended Action
- FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiClient | |
---|---|
Extreme | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |