JS/ExpJS.BE!tr
Analysis
JS/ExpJS.BE!tr is a generic detection for a type of obfuscated JavaScript trojan that uses a certain function to decode itself. When the decoded codes are executed, it redirects the web browser to other sites that may contain malicious content.
This malware has been associated with the Neutrino Exploit Kit.
Recommended Action
FortiGate Systems
- Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
FortiClient Systems
- Quarantine/delete files that are detected and replace infected files with clean backup copies.