
Mal/ExpJS-AV

Posted: November 23, 2012

Threat Metric

Threat Level: 10/10
Infected PCs: 23
First Seen: November 25, 2012
Last Seen: April 25, 2021
OS(es) Affected: Windows

Mal/ExpJS-AV is a JavaScript component of a variant of Blacole (or the Blackhole Exploit Kit), a browser-based attack package that detects and exploits software vulnerabilities for the purpose of installing malware. While Blacole is, at this time, one of the most prominent PC threats on the web and delivers a variety of payloads, Mal/ExpJS-AV specifically refers to a version of Blacole that installs the banking trojan Zeus. Zeus is designed primarily for stealing private information through sophisticated attacks that target account credentials (such as your bank account's login), although Zeus also may be (and, usually, is) used for additional attacks. Mal/ExpJS-AV is hosted on a fake web page offering browser updates and has been promoted through links in spam e-mail. Naturally, SpywareRemove.com malware researchers recommend only the best anti-malware software available for finding or deleting Mal/ExpJS-AV's payload if your PC is infected.

How Mal/ExpJS-AV Makes You Pay a Price That's Higher Than Any Digital Purchase

Links to Mal/ExpJS-AV have most recently been distributed by e-mail messages that pretend to be from iTunes. In keeping with the malware distribution philosophy of 'cause panic, then profit,' these e-mails claim that you've been charged over half a thousand dollars and should click any of the provided links if this is incorrect. This e-mail isn't from iTunes, and clicking these links leads you to one of many websites that host the Blackhole Exploit Kit.

The website in question hosts a Blacole variant with several attacks in Flash, JavaScript and PDF formats; Mal/ExpJS-AV is the label for its JavaScript-based attack. Like any type of Blacole attack, Mal/ExpJS-AV will attempt to install its payload without your consent by detecting and exploiting software flaws. For this reason, SpywareRemove.com malware researchers always encourage PC users to keep all software updated, especially programs that may be targeted by Mal/ExpJS-AV very frequently, such as Adobe Reader, Java or default Windows programs.

Even if the exploit attempt against your PC fails, you may end up infecting your computer anyway because of the misleading content that this site displays. As a fallback attack, this site hosts links that pretend to be browser updates but are actually additional installers for Mal/ExpJS-AV's payload, the banking trojan Zeus. This version of Zeus is detected as Mal/Zbot-JG.

Don't Let Your PC Dance to Mal/ExpJS-AV's Tune

Zeus trojans like Mal/Zbot-JG that are installed by Mal/ExpJS-AV are capable of many attacks against your PC, with major examples including:

  • Recording typed information.
  • Stealing information from web transactions.
  • Installing other malware.
  • Disabling your firewall.
  • Disabling your browser's security features.

Bank websites, FTP clients and e-mail accounts are some of the major targets of Mal/Zbot-JG, and you should consider changing all important passwords after removing any infection that's related to a Mal/ExpJS-AV attack. Because Mal/Zbot-JG and other Zeus variants are high-level PC threats that possess sophisticated defenses, SpywareRemove.com malware experts suggest that you use powerful anti-malware programs to remove any payload of a Mal/ExpJS-AV attack from your computer.

Alternatively, you could identify and delete the fake invoice e-mails that distribute links to Mal/ExpJS-AV and save yourself the trouble of dealing with Mal/ExpJS-AV or Mal/Zbot-JG in the first place.
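One way to flag the fake invoice e-mails described above, as an added example (not code from SpywareRemove.com): it reports link hosts that fall outside the brand's own domains in an HTML message claiming to come from iTunes. The domain list, keyword list, function names and sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the claimed sender legitimately links to (not from the page).
BRAND_DOMAINS = {"apple.com", "itunes.com"}
BRAND_KEYWORDS = ("itunes", "apple")

class LinkCollector(HTMLParser):
    """Collect every <a href> target found in an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)

def host_in_brand(host):
    """True only for a brand domain or a real subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)

def off_brand_links(raw_message):
    """Return link hosts that do not belong to the brand the message claims."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    claimed = (str(msg["From"] or "") + " " + str(msg["Subject"] or "")).lower()
    if not any(k in claimed for k in BRAND_KEYWORDS):
        return []  # message does not claim to be from the brand
    body = msg.get_body(preferencelist=("html", "plain"))
    collector = LinkCollector()
    collector.feed(body.get_content() if body else "")
    hosts = [urlsplit(h).hostname for h in collector.hrefs]
    return sorted({h for h in hosts if h and not host_in_brand(h)})

# Constructed sample modelled on the lure described above; hosts are placeholders.
SAMPLE = """\
From: "iTunes Store" <billing@mail.example.net>
Subject: Your iTunes receipt
Content-Type: text/html; charset="utf-8"

<p>You were charged. <a href="http://updates.example.org/view">Dispute</a>
or visit <a href="https://www.apple.com/support/">support</a>.</p>
"""

if __name__ == "__main__":
    print(off_brand_links(SAMPLE))
```

A non-empty result means the message claims the brand but links elsewhere, which is the pattern of the fake invoice; such a message is a candidate for quarantine rather than a click.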
