Mal/JavaGen-E is a Trojan, which propagates via a hijacked Go Daddy website affecting PC users with ransomware. Mal/JavaGen-E is used by cybercriminals to compromise the DNS records of Go Daddy hosted websites. Cybercriminals are able to take over Go Daddy DNS records by compromising user credentials (stolen or weak passwords). Cybercrooks are exploiting DNS by taking over the DNS records of websites, adding one or more additional subdomains with corresponding DNS entries (A records) referencing malicious IP addresses. The legitimate hostname resolves to the legitimate IP address, but the added sub-domains resolve to malicious servers. This enables cybercrooks to use legitimate-looking web addresses in their attacks, which can help to avoid security filtering and fool computer users into believing the content is safe. The malicious servers are running an exploit kit calling itself 'Cool EK', which is in actuality very similar to Blackhole Exploit Kit. The Russian origin of the kit is obvious from the login page for the admin panel. Computer users entering the infectious website are hit with numerous malevolent files, exploiting several vulnerabilities, in order to corrupt them with ransomware. While being run, the ransomware shows the misleading pop-up payment page with contents that differ depending on the country of the affected PC user.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to Mal/JavaGen-E may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.