Trojan.Maljava!gen24 Description

Since 2010, PC security researchers have used the detection Trojan.Maljava!gen24 to refer to malware in the Maljava family of infections. These are typically Trojan infections that take advantage of numerous vulnerabilities in the Java Runtime Environment. There are numerous vulnerabilities that can be exploited. While many of these have been patched, meaning that a computer will only be vulnerable to them if it is running an outdated version of the Java Runtime Environment, some of these remain exploitable on current versions of Java. Because of this, ESG security researchers advise that computer users can protect themselves from the many variants of Trojan.Maljava!gen24 and other Java-based malware threats by disabling Java on their computer unless it is necessary. If the Java Runtime Environment is disabled, then Trojan.Maljava!gen24 and any other malicious Java scripts cannot affect that computer.

Trojan.Maljava!gen24 itself has been detected as a malicious Java script named Ok.jar. This malicious file was detected for the first time in August of 2012 and has been known to attack computers using the CVE-2012-4681 vulnerability in updated versions of Java. It installs a fake Java updater, which is actually the executable for Trojan.Taidoor, a dangerous backdoor Trojan. Trojan.Maljava!gen24 can infect several versions of the Microsoft Windows OS released after Windows 95. Due to the fact that Trojan.Maljava!gen24 uses Java, a third party platform, to attack a computer, it is not unlikely that various variants of Trojan.Maljava!gen24 can perform cross-platform attacks, infecting computers with Mac OS or even mobile operating systems.

The many variants of Trojan.Maljava!gen24 can take advantage of the following known vulnerabilities in Java, some of which have been patched in more recent versions: CVE-2008-5345, CVE-2008-5346, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352, CVE-2008-5353, CVE-2008-5354, CVE-2008-5355, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, CVE-2009-3728, and CVE-2009-3729, The three main Java vulnerabilities that Trojan.Maljava!gen24 exploits are the Development Kit Multiple Security Vulnerabilities Group, the November 2009 Security Vulnerabilities and Remote Heap Buffer Overflow Vulnerability.

Trojan.Maljava!gen24 is usually used to install other malware on the targeted computer. The aforementioned vulnerabilities in Java allow criminals to manipulate this third party platform in order to run a harmful code on the compromised computer. This allows them to drop and execute a backdoor Trojan which grants them access to the infected computer from a remote location. Using this backdoor, criminals can then install spy Trojans, remote access tools or other kinds of dangerous malware on the infected computer.

Type: Trojans

How Can You Detect Trojan.Maljava!gen24?

Important Article Disclaimer