Trojan trap set at 'Survivor' site
![zd-defaultauthor-andrew-colley.jpg](https://www.zdnet.com/a/img/resize/9599e19c4b85ab038ada92105b72d46261fbfc6f/2014/12/04/6babd17a-7b62-11e4-9a74-d4ae52e95e57/zd-defaultauthor-andrew-colley.jpg?auto=webp&fit=crop&frame=1&height=192&width=192)
The site, owned by a party that has licensed the word "survivor" in a top-level US domain -- not linked to the television network -- today contained a smorgasbord of malicious code embedded in HTML scripts.
A concerned Web user alerted ZDNet Australia about the site after noticing that content on the site had triggered his anti-virus software.
Users who visit the site without adequate anti-virus protection on their PCs are at risk of being infected by three trojans coded into scripts maliciously embedded in its content: VBS/Psyme, Debeski and Java Script/IE.startgen.d.
The trojans take advantage of known exploits in Microsoft ActiveX, Internet Explorer and Java virtual machine.
While anti-virus vendors only rank the script trojans as moderate or low risks, they may be designed to prompt a computer accessing the site to automatically download a secondary payload from another location on the Internet.
At this stage anti-virus vendors that ZDNet Australia approached today have not revealed what the payload is, but miscreants have recently contrived similar forms of attack into maliciously designed HTML e-mails MessageLabs detected this month.