Bitdefender detects Tor Browser Bundle Javascript exploit

Bitdefender has added detection against the Tor Browser Bundle exploit. The exploit has been involved in an operation aimed at de-anonymizing the users of websites hosted by FreedomHosting.

Exploit.JS.Agent.BB uses a heap-spraying technique to break the javascript engine and eventually drop and execute a payload file, such as this one. As the exploit is publicly available, we judge the probability of it being used in other attacks by other actors as high.

So far, a handful of installed Bitdefender instances in France and the Dominican Republic have reported detection of the exploit.