Sucuri Malware Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Malware entry: MW:JS:JJ677Home  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About


A suspicious and encoded javascript was found. It used the jjencoder to hide its content, but we detected a hidden call to load content from remote web sites in attempt to exploit a specific browser vulnerability.
Note that any PHP, HTML and JS file gets compromised by this malware. Sometimes it can also be hidden inside the database.
Affecting: Any web site. Often on outdated WordPress, Joomla and osCommerce sites.

Clean up: You can also sign up with us and let our team remove the malware for you.
Loads malware from multiple sources:


Malware dump (sample of malware):

For all our web-based malware signatures, go here: