Sucuri Malware Labs

Description:

A suspicious remote javascript include was identified. It was set in an non-standard place (before the <html> tag) and was used to distribute malware to someone visiting the infected web site.

 

Signature:

This is not a signature-based rule, but looks for anomaly behaviours that indicate the presence of malware. In this case, our engine found it to be malicious (related to drive-by downloads).

 

Affecting:

Any web site sites (no specific target)

 

Clean up:

This malware is generally hidden inside the PHP or ASP files. Sign up here to get it clean up: Signup

 

Malware dump (sample of malware):

Malware dump not available.

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb