Search This Blog

Cyber criminals inject malicious java applet into Trading FOREX site

A FOREX Trading website was injected with a malicious java applet that is designed to drop the malware file on visitors system.

A FOREX Trading website was injected with a malicious java applet that is designed to drop the malware file on visitors system.

A Popular FOREX (foreign exchange market) website called "Trading Forex" (tradingforex.com) has been infected by the malware, according to WebSense report.

malicious java
Injected applet code

The dropped backdoor from the Trading Forex website is written in Visual Basic.Net and requires the Microsoft's .NET framework to be successfully installed and operational on a victim's computer. It seems like hacker target only those who use .NET framework or they only know .NET coding?!

It is not usual Java exploit Jar . It is simple Java file that loads an exe file hosted in the malware site.

"Basically the Java code is just another Java loader which requires user interaction to successfully load the binary file '123.exe'. One interesting point in the screenshot above is that we can also see in the MANIFEST-INF that the Java applet has been signed with a certificate." Researcher said.
Share it:

EHN

Java Exploits

malicious java applet

Malware Report

Trading Forex infected