Home Malware Programs Trojans JS/Exploit-Blacole


Posted: December 11, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 8
First Seen: December 11, 2012
OS(es) Affected: Windows

JS/Exploit-Blacole is a heuristic detection of the Blackhole Exploit Kit, a package of web browser-based attacks that can be configured to use various different exploits to install malicious software onto your computer. JS/Exploit-Blacole attacks often may not display any obvious symptoms and can succeed automatically if your PC has vulnerable software – which can include anything from Adobe-brand products to Flash, as well as default Windows programs. Payloads from JS/Exploit-Blacole that SpywareRemove.com malware researchers have observed include high-level threats such as banking Trojans, as well as rogue anti-malware scanners. Any possible exposure to JS/Exploit-Blacole, if not blocked by your security software, should be assumed to have infected your computer until you can confirm otherwise through anti-malware scans. Naturally, malicious software that's installed by JS/Exploit-Blacole should be deleted by dedicated anti-malware tools that can detect and remove high-level threats in their entirety.

JS/Exploit-Blacole: the Browser Content that Bites Back

JS/Exploit-Blacole is hosted on both malicious and compromised websites as a general download-enabler for malicious software. Because JS/Exploit-Blacole is JavaScript-based, browsers that have their JavaScript feature disabled (and computers that don't have JavaScript installed in the first place) aren't vulnerable to JS/Exploit-Blacole-based attacks. However, since JavaScript is a popular web design feature that's often enabled by default, SpywareRemove.com malware experts recommend that you have additional protection against JS/Exploit-Blacole – such as anti-malware products with web-browsing safety features.

If JS/Exploit-Blacole is launched successfully, JS/Exploit-Blacole will attempt to detect a vulnerability that JS/Exploit-Blacole can use to install malicious software onto your PC. JS/Exploit-Blacole, and other variants of the Blackhole Exploit Kit are in active development, and the vulnerabilities that they may utilize can vary significantly, including both patched ones and zero-day vulnerabilities. SpywareRemove.com malware researchers generally encourage you to keep all of your software updated inorder to reduce the number of vulnerabilities that can be abused by JS/Exploit-Blacole, although patches alone aren't a perfect defense against JS/Exploit-Blacole attacks.

Why You Should Be Careful Not to Get in Range of JS/Exploit-Blacole's Orbit

JS/Exploit-Blacole is designed to install malicious software both non-consensually and, in most cases, secretively. Some JS/Exploit-Blacole-associated payloads that SpywareRemove.com malware researchers have analyzed include – but, it should be emphasized, aren't limited to – the following:

  • Rogue anti-malware programs, such as members of FakeRean like Win 7 Internet Security Pro 2013, XP Antivirus Plus 2013, Vista Antivirus Plus 2013, Win 7 Antivirus Plus 2013, Total Vista Security, Win 7 Total Security Pro 2013, XP Security Pro 2013 and XP Home Security 2012. These scamware programs display fake alerts and fake system scans to make you purchase the registered (and equally useless) versions of their software.
  • Banking Trojans like the well-known Zeus, which uses sophisticated man-in-the-browser style attacks to monitor your access to banking sites and steal passwords, etc. Banking Trojans rarely display any obvious symptoms of their presence but are capable of stealing extremely private information, with an emphasis on data that would allow criminals to hijack financial accounts.

Although JS/Exploit-Blacole is a browser-based PC threat that doesn't install itself on your computer, JS/Exploit-Blacole does install other malware onto your PC that should be removed as expediently as possible. If your anti-malware software detects Zeus or other spyware-themed malware from a JS/Exploit-Blacole attack, SpywareRemove.com malware experts also suggest that you change any potentially compromised passwords.



Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to JS/Exploit-Blacole may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

8498db0a8a4b0caa7a672eb7db30241d File name: 8498db0a8a4b0caa7a672eb7db30241d
Size: 111.82 KB (111827 bytes)
MD5: 8498db0a8a4b0caa7a672eb7db30241d
Detection count: 93
Group: Malware file
Last Updated: March 6, 2013
decb06ef05dd2a1c49aeeb9aa1a1386e File name: decb06ef05dd2a1c49aeeb9aa1a1386e
Size: 39.25 KB (39258 bytes)
MD5: decb06ef05dd2a1c49aeeb9aa1a1386e
Detection count: 92
Group: Malware file
Last Updated: March 6, 2013
e43ff874dad12b697e179cf144ffa443 File name: e43ff874dad12b697e179cf144ffa443
Size: 115.28 KB (115283 bytes)
MD5: e43ff874dad12b697e179cf144ffa443
Detection count: 91
Group: Malware file
Last Updated: March 6, 2013
A47490633507A026DD00161B46BA2D71.bin File name: A47490633507A026DD00161B46BA2D71.bin
Size: 785B (785 bytes)
MD5: a47490633507a026dd00161b46ba2d71
Detection count: 90
File type: Binary File
Mime Type: unknown/bin
Group: Malware file
Last Updated: March 6, 2013
d612020ff2790577344efef457e35665 File name: d612020ff2790577344efef457e35665
Size: 786B (786 bytes)
MD5: d612020ff2790577344efef457e35665
Detection count: 89
Group: Malware file
Last Updated: March 6, 2013
g43kb6j34kblq6jh34kb6j3kl4.jar File name: g43kb6j34kblq6jh34kb6j3kl4.jar
Mime Type: unknown/jar
Group: Malware file