Sucuri Malware Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Malware entry: MW:EXPLOITKIT:BLACKHOLE1Home  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About

Description:

An encoded javascript (or a redirection to it) was detected, leading browsers to the Blackhole Exploit kit (v1.x). It attempts to exploit the browser of anyone visiting the site using a combination of multiple vulnerabilities (Java, Adobe PDF, Flash and others). This is one of the most common type of malware we are seeing on web sites lately (2012/Mar).

Note that any PHP, JS or .htaccess could be compromised by this type of malware.

 
Affecting: Any web site. Often on outdated WordPress, Joomla and osCommerce sites.

Clean up: You can also sign up with us and let our team remove the malware for you.

 
Loads malware from multiple sources:

 

Malware dump (sample of malware):


For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb