Clients of escorts and call girls are usually aware of the the risks presented from STIs. However, SophosLabs has been monitoring a different type of infection risk for clients of escorts in Indian cities.
The Troj/JSRedir-AR infection has morphed slightly:
If you look at the variable ‘o[e]‘ (two-thirds of the way down) you will see the beginnings of an obfuscated string ‘http://’. Previous versions of Troj/JSRedir-AK and Troj/JSRedir-AR have used non-alphanumeric characters to disguise the strings.