Sucuri Malware Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Malware entry: MW:JS:JJ677Home  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About

Description:

A suspicious and encoded javascript was found. It used the jjencoder to hide its content, but we detected a hidden call to load content from remote web sites in attempt to exploit a specific browser vulnerability.
 
Note that any PHP, HTML and JS file gets compromised by this malware. Sometimes it can also be hidden inside the database.
 
Affecting: Any web site. Often on outdated WordPress, Joomla and osCommerce sites.

Clean up: You can also sign up with us and let our team remove the malware for you.
 
Loads malware from multiple sources:

 

Malware dump (sample of malware):



For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb