virus logo Virus

JS/Crypt.BBDF!tr

description-logoAnalysis


This detection is for encrypted JavaScript malware that redirects the infected user's web browser to an unexpected site. Example behaviors include:

  • Redirecting the web browser to navigate to http://laco{Removed}.com/cool/{Removed}  when certain conditions on the user's browsing session are met.
  • Injecting hidden IFrame tags to a web page from another source depending on conditions on the user's browsing session.

recommended-action-logoRecommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2019-05-03 68.25100 Sig Added
2019-05-03 68.24700 Sig Updated
ID 4299180
Released Nov 06, 2012
Description
Updated		 Jun 07, 2013
Aliases Trojan.JS.Spamer.b, JS/TrojanClicker.Agent.NDG
Platform Profile Java Script