SecurityHome.eu Trojan:JS/Redirector.IT

Home / malware PDF

Trojan:JS/Redirector.IT

First posted on 05 June 2012.
Source: Microsoft
Aliases :
Trojan:JS/Redirector.IT is also known as Trojan.JS.Redirector.ABZ (BitDefender), JS/Redir.IF (Command), JS/Redirector.NIL (ESET), Trojan.JS.Redirector.ux (Kaspersky).
Explanation :

Trojan:JS/Redirector.IT is a JavaScript trojan that intercepts web browser search results from various search engines to a single website.

Installation

This trojan redirector may be encountered when visiting a compromised webpage that hosts the script.

Payload

Redirects web browser

Trojan:JS/Redirector.IT redirects the web browser to a single website if it determines the "referrer", or the referring source or site, to contain any of the following strings:

Google.

msn.

Yahoo.

Altavista.

Aol.

Ask.

Bing.

In the wild, this trojan was observed to redirect the web browser to a site named "777blogz.com".

Analysis by Shali Hsieh

Last update 05 June 2012

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Family:

Trojan:JS/Redirector.FK
Trojan:JS/Redirector.BQ
Trojan:JS/Redirector.I
Trojan:JS/Redirector.FB
Trojan:JS/Redirector.N
Trojan:JS/Redirector.JA
Trojan:JS/Redirector.JE
Trojan:JS/Redirector.DC
Trojan:JS/Redirector.DT
Trojan:JS/Redirector.CC