
Trojan.Maljava!gen24

Posted: September 3, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 94
First Seen: September 3, 2012
OS(es) Affected: Windows

Trojan.Maljava!gen24 is a behavior-based alert for attacks associated with certain types of malicious Java Runtime Environment content, including some zero-day exploits for which Oracle has not yet issued a patch. Trojan.Maljava!gen24 attacks are currently closely associated with payloads that include backdoor Trojans such as Trojan.Taidoor, although Trojan.Taidoor has also been found to use alternate methods to infect new PCs. Contact with Trojan.Maljava!gen24 can be precipitated by links in e-mail spam, browser redirects or any other means of exposure to websites that can host Java-based code, and Trojan.Maljava!gen24's attacks don't display symptoms beyond any alerts that your anti-malware programs may raise. SpywareRemove.com malware experts recommend that you keep such software available and active, since Trojan.Maljava!gen24's inclusion of some zero-day exploits can mean that even having the most updated Java possible will not protect your PC from an infection.

Trojan.Maljava!gen24 is associated with other Java-based PC threats such as Java.Awetook and Trojan.Maljava, and, as such, Trojan.Maljava!gen24 may only be one of several steps used to compromise your computer. Because contact with Trojan.Maljava!gen24 is based on your web browser, keeping Java disabled as a default security option will prevent Trojan.Maljava!gen24 and similar Java-based attacks from being launched (although this measure will not protect against all types of drive-by-download attacks). While Java is active, all prominent browsers are vulnerable to Trojan.Maljava!gen24, along with most versions of Windows and Linux.

The latest vulnerability that Trojan.Maljava!gen24 exploits, CVE-2012-4681, has been available 'in the wild' for some time. Initially, this was considered a zero-day exploit: an exploit without a corresponding security patch that fixes it. However, since that time, Oracle has issued a patch for this particular vulnerability exploited by Trojan.Maljava!gen24. Nonetheless, the SpywareRemove.com malware research team notes that the incident remains significant in that it's the first visible sign of Trojan.Taidoor being installed through zero-day exploits instead of exploits that could be prevented by patching your software. Assuming a lack of proper anti-malware and browser security, victims who visit a site with Trojan.Maljava!gen24 will become infected by Trojan.Taidoor or another PC threat automatically.

Trojan.Maljava!gen24 - Why What You Can't See Can Still Hurt You

Neither Trojan.Maljava!gen24 nor its payload, Trojan.Taidoor, shows symptoms of its attacks, and Trojan.Taidoor is additionally disguised as a fake Java update file, according to its file name. However, SpywareRemove.com malware experts warn that a successful Trojan.Maljava!gen24 attack can result in severely compromised security by the following means:

  • The presence of a backdoor vulnerability that could be used to control or access your PC from a C&C server.
  • The possibility of confidential information being stolen from your PC, with Trojan.Taidoor recording this information to a log file and uploading the file to its server (typically at pre-specified times).
  • The potential for many other types of PC threats, such as keyloggers, browser hijackers or banking Trojans, to be installed on your computer by Trojan.Taidoor.

While Trojan.Maljava!gen24 is a web page-based threat that doesn't need to be removed from your hard drive, the Trojan.Taidoor infection that's caused by Trojan.Maljava!gen24 should be deleted by a trustworthy anti-malware product.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: XepadVQ1.jpg
Size: 4.12 KB (4123 bytes)
MD5: ad070f6f3e7b2e1047097d205187bcd5
Detection count: 94
Mime Type: unknown/jpg
Group: Malware file
Last Updated: February 19, 2013

File name: install.jar
Size: 39.18 KB (39181 bytes)
MD5: 44a67e980f49e9e2bed97ece130f8592
Detection count: 93
Mime Type: unknown/jar
Group: Malware file
Last Updated: February 19, 2013

File name: YmLA3.zip
Size: 4.11 KB (4118 bytes)
MD5: 2f753a2191bc1d4704de784f60b8c7ad
Detection count: 87
Mime Type: unknown/zip
Group: Malware file
Last Updated: February 19, 2013
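
As an added example (not part of the original entry and not SpywareRemove.com tooling), the Python script below sweeps a directory tree for the three files listed above by content rather than by name, hashing only files whose size equals a listed size. The names `PAGE_INDICATORS`, `md5_of` and `sweep` are this example's own, and the directory to scan is an assumption supplied by the user.

```python
import hashlib
import os
import sys

# Indicators copied from the file list above: MD5 -> (listed name, size in bytes).
# MD5 is used only because it is the hash this page publishes.
PAGE_INDICATORS = {
    "ad070f6f3e7b2e1047097d205187bcd5": ("XepadVQ1.jpg", 4123),
    "44a67e980f49e9e2bed97ece130f8592": ("install.jar", 39181),
    "2f753a2191bc1d4704de784f60b8c7ad": ("YmLA3.zip", 4118),
}


def md5_of(path, chunk_size=65536):
    """Return the hex MD5 of a file, read in chunks."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def sweep(root, indicators=PAGE_INDICATORS):
    """Walk root and return sorted (path, listed_name, md5) hash matches.

    Only files whose size equals a listed size are hashed, so a large
    profile or temp directory is swept quickly. Matching is by content,
    so a copy saved under a different name is still reported.
    """
    wanted_sizes = {size for _name, size in indicators.values()}
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                if os.path.getsize(path) not in wanted_sizes:
                    continue
                digest = md5_of(path)
            except OSError:
                continue  # unreadable, locked or vanished file: skip it
            if digest in indicators:
                hits.append((path, indicators[digest][0], digest))
    return sorted(hits)


if __name__ == "__main__":
    scan_root = sys.argv[1] if len(sys.argv) > 1 else "."
    for path, listed_name, digest in sweep(scan_root):
        print(f"MATCH {digest} (listed as {listed_name}): {path}")
```

A clean result only means these three exact files are absent; a repacked or modified copy has a different MD5 and will not match.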