For Home

Virus Profile: JS/Stealus

Threat Search
Print
   
Virus Profile information details
Risk Assessment: Home Low | Corporate Low
Date Discovered: 6/15/2004
Date Added: 6/15/2004
Origin: Unknown
Length: varies
Type: Trojan
Subtype: Vulnerability
DAT Required: 4367
Removal Instructions
   
 
 
   

Description

This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.

Indication of Infection

There are no obvious symptoms of this exploit.  Files detected as JS/Stealus are benign themselves.  No system changes or damage occurs from accessing an JS/Stealus file.  However, following an exploited hyperlink within a detected file can result in users being tricked to divulge personal information, install malicious software, etc.

Methods of Infection

Email spam is the most likely delivery method of such malicious html pages, to lure users into updating account information.

Aliases

JS/Stealus.gen
   

Virus Characteristics

This detection covers HTML documents (such as web pages and HTML formatted email messages) that contain malicious JavaScript, which exploit an Internet Explorer vulnerability resulting in Internet Explorer displaying one location in the Address bar, but actually loading the content from a different site.  Such URL spoofing can result in attackers creating forged versions of legitimate sites in order to steal account information, personal information, etc.

   
All Users:
Use current engine and DAT files for detection. Delete any file which contains this detection.