Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:BLUEH:1

Description:

Code used to insert a malicious javascript on sites hosted at Bluehost. The second wave of attacks affected a few more hosting companies. Loads malware from:

http://domainameat.cc
http://ae.awaue.com

Details:

http://blog.sucuri.net/2010/06/bluehost-ceo-blog-and-others-exploites-by-domainameat-cc.html


Clean up:

Run the following script: http://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html


Malware dump (base 64 added to the .php files):


 



For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb