Home / malware Trojan:JS/IframeRef.I
First posted on 29 November 2012.
Source: MicrosoftAliases :
Trojan:JS/IframeRef.I is also known as HTML/Redirect.FQ (Avira), JS.Redirector.145 (Dr.Web), JS/Exploit-Blacole.gg (McAfee), JS/Redir.JP.gen (Command), Troj/Exploit-J (Sophos), Trojan.Script (Ikarus), Trojan.Script.478237 (BitDefender).
Explanation :
Trojan:JS/IframeRef.I is a malicious JavaScript file that is embedded, via an iFrame, into malicious or compromised webpages. The purpose of the file is to redirect your browser to other sites that may download malware onto your computer, often by exploiting software vulnerabilities.
Make sure you install all available updates for your computer to help prevent the downloading of additional malware. For more information on updating software, including Java, Adobe and Microsoft products, please see the Additional information section in this entry.
Trojan:JS/IframeRef.I is a member of the Trojan:JS/IframeRef family.
To avoid detection, the iFrame may be only one pixel in size.
Installation
When you visit a website that contains Trojan:JS/IframeRef.I, your browser is redirected to another website that may download malware onto your computer. The malware could be any of the attacker's choice, and is typically downloaded onto your computer by exploiting software vulnerabilities.
Payload
Redirects webpages
In the wild, we have observed Trojan:JS/IframeRef.I redirecting Internet browsers to possibly malicious URLs in the following format:
<domain name>.ru:8080/forum/links/column.php
Additional information
Software vulnerabilities are fixed through the application of updates or patches from the software manufacturer.
The best way to protect your computer from exploits is to ensure that the versions of your software are up-to-date. Follow these links for more information on updating software that is commonly targeted by malware:
Related encyclopedia entries
- Microsoft Malware Protection Center - Updating Software
- Java updates
- Adobe updates (Acrobat, Reader, Flash, Shockwave)
- Microsoft updates via the Microsoft Update tool (including Windows, Office, and Internet Explorer)
Trojan:JS/IframeRef
Analysis by Mihai Calota
Last update 29 November 2012
