Sucuri Malware Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Malware entry: MW:HTA:7Home  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About

Description: This attack uses the .htaccess file to redirect users to a site serving malware (or spam). In some cases, the index.php is also modified to do the redirection as well.

Loads malware from:

Affecting: Any type of web site (no specific target).

Clean up and details: Remove offending code from .htaccess and/or index.php or contact support@sucuri.net for help.

Links: http://blog.sucuri.net/2010/04/conditional-redirects-or-the-htaccess-malware.html

Malware samples:


For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb