Sucuri Malware Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Malware entry: MW:BLUEH:2Home  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About


Code used to insert a malicious javascript on sites hosted at Bluehost and Dreamhost. Loads malware from:


Clean up:

Run the following script:

Malware dump (base 64 added to the .php files):


For all our web-based malware signatures, go here: