The Latest in IT Security

New JS/HiddenLink Script detected

19
Sep
2013

A recently detected a new script as JS/HiddenLink – but is it a false positive?

Unfortunately not, this is part of a BlackHole Exploit Kit (BHEK). The script is injected and hidden by BHEK into the affected system.

JS/HiddenLink is a new family we’ve created for injections such as these. In the past, similar scripts were identified as JS/Redir.

The purpose of this script is to hide the link which follows after dnnViewSate function. Please note that the function name varies.

Luckily, the script in question is not running due to a bug in the code.

AVG Viruslab Research Team

Leave a reply


Categories

TUESDAY, SEPTEMBER 18, 2018

Featured

Archives

Latest Comments

Social Networks