- Threat Encyclopedia
- Malicious URL
- http://dol.{BLOCKED}1.us:8081/update/index.php
JS_EXPLOIT.MEA accesses the following websites to download a file, detected as BKDR_POISON.MEA. JS_EXPLOIT.MEA was inserted onto a legitimate website of the US Department of Labor and downloads a Poison Ivy backdoor.