Sucuri Malware Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Malware entry: MW:REDIR:FAKEAV533Home  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About

Description: A conditional redirection (Blackmuscats) was detected on the web site, sending users to a domain pushing the Fake V to anyone visiting the compromised site.

This is a very common malware infecting thousands of sites (Jul/Aug 2012).

Updates in names being used: http://labs.sucuri.net/?note=2012-08-02

Some of the domains being used:


Affecting: Any web site (no specific target).

Clean up: Malware is hidden at the index.php or index.html files.

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb