
Troj/JSRedir-HT

Posted: June 27, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 5
First Seen: June 27, 2012
Last Seen: August 11, 2021
OS(es) Affected: Windows

Troj/JSRedir-HT is a Java-based browser exploit that installs a second PC threat, the Trojan Troj/Yolped-A, onto unprotected computers that are inadvertently exposed to its attack. Troj/JSRedir-HT's drive-by-download techniques are also applicable to other forms of harmful software and may be used on a variety of sites and unsafe advertisements, although SpywareRemove.com malware researchers can only confirm Troj/JSRedir-HT's usage at a recently-hacked website for a major hotel chain. Since Troj/JSRedir-HT also bears a strong resemblance to similar zero-day exploits that remain unpatched by Microsoft, you are encouraged to protect against Troj/JSRedir-HT and associated browser attacks by avoiding hacked websites and using anti-malware software to block these exploits when your browser is exposed to them.

How Troj/JSRedir-HT Turns Hope for Employment into a PC Assault

Similar to exploits like Exp/20121889-A, Troj/JSRedir-HT is a web-based PC threat that's often inserted into reputable sites via attacks by hackers. At the time of this writing, Troj/JSRedir-HT has been observed at a website for a popular hotel chain's job openings database, although Troj/JSRedir-HT may also be hosted at other sites. Typical for browser exploits, Troj/JSRedir-HT doesn't show symptoms of its attack, which installs Troj/Yolped-A without your permission by exploiting JavaScript vulnerabilities.

Troj/JSRedir-HT's payload, Troj/Yolped-A, has been confirmed to create multiple .exe files, including files that are named in imitation of Windows components (such as cmd.exe). As a Windows-based Trojan, Troj/Yolped-A isn't able to threaten other operating systems but should be considered a severe threat to most versions of Windows, including updated versions of Windows 7. Theoretically, the attack methodology that Troj/JSRedir-HT uses can also be employed to install other types of malicious software besides Troj/Yolped-A, although, at the time of this article's writing, Troj/JSRedir-HT hasn't been observed to install any other type of PC threat.

Putting Troj/JSRedir-HT on a Short Leash

As a PC threat that's dependent on JavaScript, Troj/JSRedir-HT can be thwarted by keeping JavaScript uninstalled or by disabling Java for any site that you suspect to be compromised by Troj/JSRedir-HT (which is a standard feature for many brands of web browsers). SpywareRemove.com malware researchers also recommend that you keep JavaScript updated, since this will reduce the presence of vulnerabilities like those that Troj/JSRedir-HT uses to attack your PC.

However, none of these safeguards can take the place of having suitable anti-malware software, particularly for removing Troj/JSRedir-HT's payload. Because Trojans that are installed by Troj/JSRedir-HT can create multiple files that are named misleadingly, you should avoid trying to delete them without assistance from either suitable software or a PC security professional. Troj/JSRedir-HT's identification as a PC threat is also extremely new, and you should be certain that your anti-malware programs are updated to maximize their ability to detect Troj/JSRedir-HT and the Trojan that Troj/JSRedir-HT installs.
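Because the payload's files borrow the names of Windows components such as cmd.exe, a file inventory can be triaged by checking where each such name actually lives. The following is an added example, not code from SpywareRemove.com or any anti-malware product; the list of component names, the trusted folders (a default install on C:) and the sample paths are assumptions constructed for illustration, and the script only reports paths for review.

```python
import ntpath
from pathlib import PureWindowsPath

# Assumption: sample component names; the page itself names only cmd.exe.
SYSTEM_NAMES = {"cmd.exe", "svchost.exe", "explorer.exe", "lsass.exe"}

# Assumption: default install on C:. Genuine copies sit directly in these folders...
EXACT_DIRS = {PureWindowsPath(p) for p in (
    r"c:\windows", r"c:\windows\system32", r"c:\windows\syswow64")}
# ...or anywhere below the component store.
TREE_DIRS = (PureWindowsPath(r"c:\windows\winsxs"),)


def normalise(raw: str) -> PureWindowsPath:
    """Collapse '..' segments and mixed slashes, then lower-case for comparison."""
    return PureWindowsPath(ntpath.normpath(raw).lower())


def is_masquerading(raw: str) -> bool:
    """True when a file carries a system component's name outside the trusted folders."""
    path = normalise(raw)
    if path.name not in SYSTEM_NAMES:
        return False  # not imitating a known component name
    parent = path.parent
    if parent in EXACT_DIRS:
        return False  # sits directly in a folder where the genuine file lives
    return not any(parent == tree or tree in parent.parents for tree in TREE_DIRS)


def find_masquerading(paths):
    """Return the original path strings that need review, in input order."""
    return [p for p in paths if is_masquerading(p)]


# Constructed sample inventory (not taken from a real infection).
SAMPLE_PATHS = [
    r"C:\Windows\System32\cmd.exe",                  # genuine location
    r"C:\Users\alice\AppData\Local\Temp\cmd.exe",    # system name, user-writable folder
    r"c:\windows\SYSTEM32\SvcHost.exe",              # genuine, different letter case
    r"C:\Windows\WinSxS\amd64_constructed\cmd.exe",  # component store copy
    r"C:\Windows\System32\..\Temp\svchost.exe",      # '..' hides the real folder
    r"C:\ProgramData\updater.exe",                   # not a component name, ignored
]

if __name__ == "__main__":
    for hit in find_masquerading(SAMPLE_PATHS):
        print("review:", hit)
```

A hit is a lead for a scan or a security professional to confirm, not proof of infection, and a file that passes the location check can still be malicious.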
