Home Testimonials Company Support 1–888–873–0817
Home Notes Malware Signatures About

Malware entry: MW:JS:1211

Description: Encoded javascript malware to load the "Fake AV" virus from multiple domains.
After decoded, it load iframes from sites like beolinkonline.com, smasmaild.com, etc.

Affecting: Wordpress-based web sites.

Clean up: Malware is hidden at the header.php inside the themes directory.

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb