Rapid7 Vulnerability & Exploit Database

Download.Ject - IIS Malware (aka JS.Scob.Trojan)

Back to Search

Download.Ject - IIS Malware (aka JS.Scob.Trojan)

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
03/07/2006
Created
07/25/2018
Added
03/07/2006
Modified
07/31/2012

Description

Download.Ject (aka JS.Scob.Trojan) is a malware written in JavaScript affecting Microsoft IIS servers. It is believed that the malware is first installed on IIS servers by exploiting old unpatched IIS vulnerabilities. Then, Download.Ject makes use of the footer feature from IIS to append a JavaScript file to the end of every file served by IIS. This JavaScript file subsequently attempts to exploit various Internet Explorer vulnerabilities to install backdoors and trojans from a remote web site.

Solution(s)

  • remove-download-ject-malware

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;