VirusJS/FBJack.A!tr
Analysis
JS/FBJack.A!tr is the detection for JavaScript code on web sites that have clickjacking behavior. Web sites that have this code attempt to trick the user into clicking a link that is concealed and is different from what is displayed to the user. This particular clickjacking trojan focuses more on social networking sites.
Below are examples of some of the URLs that this trojan links to:
- http://www.fbr{Removed}.com/xfbml/fb:like
- http://hitec{Removed}gspot.ca/2010/05/facebook-like-button-xfbml-tutorial.html
Recommended Action
- FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
| FortiGate | |
|---|---|
| FortiClient | |
| FortiAPS | |
| FortiAPU | |
| FortiMail | |
| FortiSandbox | |
| FortiWeb | |
| Web Application Firewall | |
| FortiIsolator | |
| FortiDeceptor | |
| FortiEDR |