Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:HTA:9

Description:

This attack uses .htaccess to redirect users to a site serving malware (or spam). In some times a PHP code is added to the index.php to do the redirection instead.

Loads malware from:

http://alolipololi.osa.pl
http://drivegup.tk
And other domains.

Affecting:

Drupal sites.


Clean up and details

Remove offending code from .htaccess and index.php.


Links:

http://blog.sucuri.net/2010/04/conditional-redirects-or-the-htaccess-malware.html

Malware sample:






For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb