Sucuri Research Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Latest Malware Entries (24 hrs)Home  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About

      Archived data:   Latest   |   2014-12-04   |   2014-10-18   |   2014-06-18   |   2014-06-02   |   2014-05-23   |   2014-05-08   |   2014-04-29   |   2014-04-20   |   More days

We separate the data in three categories: Iframes, redirectiors and javascript. For each one you can click on the domain for more information, IP addresses and details on the malware.

Hidden iframes

Latest hidden iframes our scanner have identified on compromised web sites.

# of sites infectedTypeMalware / Domains
55iframehttp://mbcobretti.com/hydra.php
9iframehttp://tv-one.org/index/tv_for_you_site/0-50
9iframehttp://osbasedreceiva.pl/img3/count.htm
9iframehttp://fb.tigerland.mn/images/banners/256x320/256x320.html
7iframehttp://gateway-banner.eravage.com/?codebann=iframe
6iframehttp://olshopvjnando.tinata.co.uk/nordexim17.html?l
5iframehttp://www.grupporagni.it/dam/counter.php
5iframehttp://ltkepn.ddns.name/e7edf8ae002e93.XHgX0Vai?default
5iframehttp://fluersutel.tecnofifa.com.ar/dulbaruid16.html
4iframehttp://xudyhbes.ru/count6.php
4iframehttp://link-track.org/in.cgi?3
4iframehttp://baidu.yeskm.cn/tt.htm
2iframehttp://greencricket.ru/in.cgi?16
2iframehttp://directlinke.cn/in.cgi?27
Limited view (40 rows)... Only the top entries being displayed.

Conditional redirections

Conditional redirections we have detected (based on user agents or referers).

# of sites infectedTypeMalware / Domains
94redirectionshttp://m.mobi-avto.ru
43redirectionshttp://mob-version.ru/other/
9redirectionshttp://1u.dynssl.com/
8redirectionshttp://reltimes-2010.ru/langoust?8
8redirectionshttp://rd-direct.com/ctrd/click/newjump1.do?affiliate=66076
7redirectionshttp://sh.oowoo.ru/redsh.php
4redirectionshttp://uaroyalys-daliachu.ru/industry/index.php
3redirectionshttp://top-trusted-online-casinos.com
3redirectionshttp://smooth.ygto.com/
3redirectionshttp://freechudo.ru/lpdownload8_/?id=u463e29f228951e5ddd3244277592282f
2redirectionshttp://voblya.com/tds/in.cgi?8
2redirectionshttp://super-vipka.ru
2redirectionshttp://mob-version.ru/other/?/archives/59-Graduation-Gifts.html
2redirectionshttp://m.mobi-avto.ru?id_rubrique=1
1redirectionshttp://lastx-search.org/in.cgi?4
Limited view (40 rows)... Only the top entries being displayed.

Encoded javascript

Encoded javascript (redirecting to blackhole and other exploit kits) or to build a remote call.

# of sites infectedTypeMalware / Domains
11javascripthttp://dosug-prostitutki.info/main.php": document.write(unescape('%3C%73%63%72%69%70%74%20%6C%6...
2javascripthttp://124.217.249.45/~user/html/TDS/go.php?sid=1: function v51865f0c462e4(v51865f0c463de){ fun...
36javascript<script type="text/javascript" src="http://luxuryrvswa.com.au/wp-content/themes/crusader_carava...
26javascript<script type="text/javascript" src="http://malayca.com/old/script/zygpjtwr.php?id=9514814"></sc...
21javascript<script type="text/javascript" src="http://paperarts4u.com/wp-content/plugins/wp_modx/jquery-1....
20javascript<script type="text/javascript" src="http://ukstartingbusiness.co.uk/dzmrwpjk.php?id=24377467"><...
12javascript<script type="text/javascript" src="http://psychotherapie-bohnhoff.de/img/dtd.php?id=17001162">...
12javascript<script type="text/javascript" language="javascript" > var _b = document.createElement('iframe'...
11javascript<script src=http://hitslap.com/pup.js></script>
11javascript<script type="text/javascript" src="http://freshcash.bg/inc/uislider/dm7yjmq9.php?id=9587698"><...
11javascript<script type="text/javascript" src="http://1405.ru/rxrmh6gb.php?id=3503571"></script>
11javascript<script type="text/javascript" language="javascript" > function zzzfff() { var xu = document.cr...
11javascript<script src="http://5.9.179.87/br/flashplayer/"></script>
10javascript<script type="text/javascript" src="http://unodint.com/ncmdflbb.php?id=41532915"></script>
9javascript<script type="text/javascript" src="http://www.samico.de/tc3fpv9j.php?id=54695665"></script>
9javascript<script type="text/javascript" src="http://sugatudo.com.br/index_arquivos/selo_data/wdvfqmyb.ph...
9javascript<script type="text/javascript" src="http://robinkornett.com/bqfr27t3.php?id=52443177"></script>
9javascript<script type="text/javascript" src="http://MadeinHeavenServicesInc.com/wp-content/themes/affilo...
9javascript<script type="text/javascript" src="http://ftp.novo.es/wp-content/themes/twentyfourteen/pf4mdjk...
9javascript<script type="text/javascript" src="http://forum.iron-age-classic-bodybuilding.com/Themes/defau...
9javascript<script type="text/javascript" src="http://brux.nl/templates/ja_purity/yrzpycph.php?id=2582042"...
9javascript<script type="text/javascript" src="http://ajitbond.com/lvzbcdjp.php?id=7045547"></script>
8javascript<script type="text/javascript" src="http://pc-pointers.com/37qlnrdz.php?id=41468802"></script>
8javascript<script type="text/javascript" src="http://msdsc.net/6gcjq8tn.php?id=56136410"></script>
6javascript<script type="text/javascript" src="http://pkg.complete.pl/installer/JxXWFdty.php?id=15352639">...
4javascript<script type="text/javascript" src="http://raoulje4.four.axc.nl/templates/beez5/grxmyyq9.php?id...
4javascript<script type="text/javascript" src="http://bodegacomarcal.es/ykbdvvdg.php?id=23458843"></script>
4javascript<script src=http://milapop.com/ur.php></script> </title><script src=http://bookvivi.com/ur.php>...
3javascript<script type='text/javascript'>var hs_frf=document.createElement('script');hs_frf.setAttribute(...
3javascript<script type="text/javascript" src="http://xn--amlcal-vua90dd.com/lbqxpzwd.php?id=5658392"></sc...
3javascript<script type="text/javascript" src="http://www.theedgeman.co.za/j3yyfhxt.php?id=3652410"></script>
3javascript<script type="text/javascript" src="http://www.maisonducuir.be/m8qncr9k.php?id=13375924"></script>
3javascript<script type="text/javascript" src="http://www.ingenieriaolmos.com.ar/knwck2vr.php?id=53846802"...
3javascript<script type="text/javascript" src="http://theweddingsparkle.com/wp-content/themes/twentythirte...
3javascript<script type="text/javascript" src="http://snproductions.net/radiant_gel/portraits/tj7mc2kh.php...
3javascript<script type="text/javascript" src="http://schroniskoradlin.pl/wp-content/themes/twentyten/kzvg...
3javascript<script type="text/javascript" src="http://lumi-nails.de/j6bdxpkm.php?id=63405270"></script>
3javascript<script type="text/javascript" src="http://79.96.168.112/zpkwwlgp.php?id=56129956"></script>
3javascript<script src="http://number12horse.com/_mmServerScripts/PBPP1i34.php?id=55135487" type="text/jav...
3javascript<script src="http://89.161.208.57/attachments/dvmH99Br.php?id=45818445" type="text/javascript">...
Limited view (40 rows)... Only the top entries being displayed.