Java/Jacksbot.L!tr
Analysis
- This malware appears to be intended for multiple computing platforms, since it is implemented for the Java Runtime Environment.
- This malware has been associated with stealing information related to games such as Minecraft.
- The malware has been designed as a component of a backdoor, which may have the following features:
  - gather information about the infected host
  - access/delete files
  - capture the user's screen
  - connect to remote URLs
- This malware may arrive in various forms: as a RAR SFX file that uses a black Apple logo; as a plain RAR file containing the malicious class files; or as a PK/JAR file.
Recommended Action
- FortiGate Systems
  - Check the main screen of your FortiGate unit's web interface to ensure that the latest AV/NIDS database has been downloaded and installed on your system. If required, enable the "Allow Push Update" option.
- FortiClient Systems
  - Quarantine/delete files that are detected and replace infected files with clean backup copies.