Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

JS.Flea.B

Dec 1, 2003 12:36AM PST

Alias: JS.Flea.b (Kaspersky),
JS/Fortnight.gen (McAfee),
JScript/FortNight.116.Trojan
Category: Java Script
Type: Trojan
Published Date: 11/30/2003
Last Modified: 12/1/2003

CHARACTERISTICS
JS.Flea.B is a worm, which spreads through a hidden link at the bottom of HTML e-mail messages created with Outlook Express.

Method of Distribution
Via Email/Website/Exploit
The link appears in an HTML IFRAME tag, and points to a particular file: http://nc.com.tw:312*************/l.htm. At present, the link resolves to another file located on a pornographic site hosted on the terra.es domain. This file contains the worm code (encrypted Java Script), which in turn tries to load and execute the applet called "aa.class".

Currently "aa.class" is no longer available.

http://www3.ca.com/virusinfo/virus.aspx?ID=37672

Discussion is locked