Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:JS:160

Description: This malware infects a web site through a compromised desktop (with virus), where it steals any stored password from the FTP client and uses that to attack the site.

Note that every PHP, HTML and JS file can get compromised by this malware. On some variations of this attack, it is also compromised through vulnerable versions of Timthumb/WordPress.

Some anti virus programs will flag this type of malware (after infecting a computer) as Blackhole Exploit kit or similar names.

Affecting: Any web site with FTP enabled (and password stolen).

Domains distributing malware:


Clean up: The desktop must be cleaned first. Use multiple AVs if necessary, since this virus is very good at hiding from the current AV that is running. Once it is clean, then you can clean up the sites and change the passwords.You can also sign up with us and let our team remove the malware for you.

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb