Home > Threat descriptions >

Trojan:Java/Openconnection

Classification

Category: Malware

Type: Trojan

Platform: Java

Aliases: Trojan:Java/Openconnection, Trojan:Java/Openconnection, Java/Openconnection.A

Summary


The Openconnection is a family of Java applet based trojan downloaders, that infect Internet Explorer through malicous web page that uses Java classloader byteverify exploit or other vulnerability in Internet Explorer.

Removal


Update and Removal Instructions

The easiest way to be safe from these trojans is to make sure that Internet Explorer (IE) is up to date.

Note: In some cases, even with an updated browser, the trojans are sometimes downloaded, but they are at least unable to activate.

Knowledge Base

Find the latest advice in our Community Knowledge Base.

About the product

See the manual for your F-Secure product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details


These trojans usually download other trojan/spyware components on the system.

Installation to system

The Openconnection trojans install themselves from a malicious web page that contains a reference to the trojan.

The trojan uses a vulnerability in the classloader system of Microsoft Java runtime, that allows the malicious applet to break out of the sandbox, and gain same access as any other executable running with users permissions.

Further information about the vulnerability in the Microsoft Java VM, including a fix, is available at: