Short bio

This Trojan injects downloaded JavaScript (JS) files into browser sessions and sets a proxy accompanied with a false SSL certificate to perform a man-in-the-middle (MITM) attack.

Common infection method

The installer for this Trojan was included in bundlers.


Malwarebytes can remove this Trojan without further user interaction. It removes the proxy completely, so if you were using one before the infection, this will have to be re-set.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language