JS/BlacoleRef.W
The JS/BlacoleRef.W Trojan is a dangerous JavaScript Trojan that has been active since Spring of 2012. It is important to note that JS/BlacoleRef.W poses a severe risk to any computer that becomes infected with this threat. JS/BlacoleRef.W is a malicious JavaScript that can be inserted into an otherwise harmless website, usually compromised because of careless security settings. JS/BlacoleRef.W will redirect the victim's web browser to attack websites containing the Black Hole Exploit Kit, which in turn will steal dangerous information installing malware on the victim's computer. JS/BlacoleRef.W can also be distributed in malicious emails and social media messages, such as a recent wave of attacks involving fake LinkedIn messages.
Table of Contents
Symptoms Associated with Attacks Involving the JS/BlacoleRef.W JavaScript Trojan
The JS/BlacoleRef.W attack is designed to be undetectable, meaning that JS/BlacoleRef.W will cause no explicit symptoms on the infected computer. The JS/BlacoleRef.W JavaScript loads an iframe in the background, which links to the malicious server. These links are activated while the victim is viewing content on the compromised websites. Unless a reliable anti-virus program is monitoring the victim's online traffic, no symptoms of the attack may manifest themselves. If the victim's computer is protected with a fully updated anti-malware program, an error message or alert may pop up at the moment that the JS/BlacoleRef.W script activates.
Computer users visiting an affected website may become infected with malware associated with JS/BlacoleRef.W. JS/BlacoleRef.W belongs to a large family of similar JavaScript Trojans that have become widespread since early 2012. These malware attacks load hidden iframes in order to take advantage of known vulnerabilities in JavaScript and in various Web browsers. The payload of these kinds of attacks varies depending on the intentions of the criminals distributing this malware. This is because the combination of JS/BlacoleRef.W, which acts as a background redirector and a malicious server using the BlackHole Exploit Kit to attack known vulnerabilities in the victim's computer results in a highly adaptable strategy that can be used for various purposes. In the case of the JS/BlacoleRef.W variant, this malicious JavaScript Trojan was used to infect computers with Trojans designed to steal personal information, banking and credit card details and to allow criminals to spy on the infected computer's contents and activity.
SpyHunter Detects & Remove JS/BlacoleRef.W
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | main.js | a016388d1e734ee3413d15e1980d1145 | 0 |
| 2. | jquery-easing-1.3.pack.js | e3aa0b40ed452dff1c19a069396c2058 | 0 |
| 3. | 2bd23ea16102b70d3c69cc8eac1dc28a.text_hmtl | 2bd23ea16102b70d3c69cc8eac1dc28a | 0 |
| 4. | vt-upload-rETka | 7d3943703c96d81d75fae54c4b90cb14 | 0 |
| 5. | vt-upload-1KqCV | 227cb6664ac28dd2b9412d79233bf63c | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.