Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:RKS:4

Description: Code used to insert a malicious javascript into many sites hosted at Rackspace and Mediatemple. This javascript is decoded to load iframes from multiple web sites (eg. http://div.electronicscommission.com/in.cgi?2, etc).

Infection: It infects a javascript file to only load malware to IE users. The following backdoors are being used:
http://sucuri.net/?page=tools&title=blacklist&detail=59848d99216e36195cdb6ddf945bb478
http://sucuri.net/?page=tools&title=blacklist&detail=a256e28126fa92d2b26dcc86dcbed379


Clean up: Contact support@sucuri.net for help.

Malware dump:document.write('<script type="text/javascript" src="/wp-cont...

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb