Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:BLUEH:2

Description:

Code used to insert a malicious javascript on sites hosted at Bluehost and Dreamhost. Loads malware from: http://vancouvererrorsonfile.com


Details:

http://blog.sucuri.net/2010/08/yet-another-series-of-attacks-part-x-vancouvererrorsonfile-com-and-the-hilarykneber-group.html


Clean up:

Run the following script: http://blog.sucuri.net/2010/05/simple-cleanup-solution-for-latest.html


Malware dump (base 64 added to the .php files):


 



For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb