Troj/JSRedir-HW

By GoldSparrow in Trojans

Threat Scorecard

Ranking: 14,327
Threat Level: 10 % (Normal)
Infected Computers: 182
First Seen: July 18, 2012
Last Seen: August 10, 2023
OS(es) Affected: Windows

Troj/JSRedir-HW is a malicious browser hijacker Trojan distributed through a spam email campaign that uses fake messages from Facebook. Criminals send out emails disguised as the photo tag notifications that Facebook sends whenever a user is tagged in a photo. These messages include a spoofed email address and a subject line that make them appear authentic. However, on close inspection, ESG security researchers have noticed that the sender address for these supposed Facebook messages spells Facebook with three 'o's, that is, 'Faceboook.' Clicking on the link to the supposed photograph leads to a malicious website that uses a JavaScript exploit, in the form of a malicious iFrame script, to attempt to infect the victim's computer with the Troj/JSRedir-HW Trojan. To do this, the malicious JavaScript uses exploits from the Blackhole Exploit Kit. If you have clicked on this fake link, ESG security researchers recommend using a reliable anti-malware program to scan your system for possible malware.

With the rise of phishing email scams, ESG security analysts strongly advise being extremely careful when opening unsolicited email messages, and always confirming the sender by mousing over the sender's address or checking the email details before clicking on any links or opening any file attachments. In fact, ESG security researchers strongly advise against opening any attachments contained in unsolicited email messages, even if they appear to have been sent from a credible source such as Facebook. The subject and sender for this malicious spam message read:

Subject: Christine McLain Gibbs tagged a photo of you on Facebook
From: Facebook

The sender's name can vary from one case to another. Note also that the supposed Facebook email address uses 'faceboook' with three 'o's. Clicking on the link in the message leads to a Blackhole Exploit Kit attack. This exploit kit takes advantage of multiple known operating system and program vulnerabilities in order to attack your computer. It is important to understand that this attack takes place in just a few seconds and that, after being directed to the malicious iFrame attack, the victim is taken to a genuine Facebook page. This means that computer users exposed to Troj/JSRedir-HW may not even realize that they have clicked on a malicious link or been exposed to malware, instead believing that the supposed tagged photo was simply removed or that it was a simple Facebook glitch.
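The sender check recommended above can be automated in a mail gateway rule or a triage script. The following Python sketch is an added example, not part of the original write-up: the trusted-domain list, the function names and the sample From headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: domains the mail administrator accepts as genuine for this brand.
TRUSTED = ("facebook.com", "facebookmail.com")

def squeeze(s):
    """Collapse runs of a repeated character: 'faceboook' -> 'facebok'."""
    return "".join(ch for i, ch in enumerate(s) if i == 0 or s[i - 1] != ch)

def edit_distance(a, b):
    """Levenshtein distance using a two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED):
    """Return 'trusted', 'lookalike', 'unrelated' or 'no-address'."""
    _display_name, addr = parseaddr(from_header)
    if "@" not in addr:
        return "no-address"
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    # Exact match or a true subdomain of a trusted domain.
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return "trusted"
    # Otherwise compare every DNS label with each trusted brand label.
    for t in trusted:
        brand = t.split(".")[0]
        for label in domain.split("."):
            if squeeze(label) == squeeze(brand) or edit_distance(label, brand) <= 1:
                return "lookalike"
    return "unrelated"

# Constructed sample headers; the '.example' domains are placeholders.
SAMPLES = [
    "Facebook <notification@faceboook.example>",
    "Facebook <notification@facebookmail.com>",
    "Alice <alice@newsletter.example>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):10} {header}")
```

The display name is deliberately ignored, since it is the part of the header a spammer controls most freely; only the address domain is compared.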
