Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:JS:EVALUNESC:WSCRIPTS

Description: An encoded javascript block was identified. After decoding it loads malware from http://www.wscripts.org/pop.js and other compromised domains.

Not many sites are infected with this variation. Main injected script:


Those links lead to multiple exploit kits affecting desktop (Windows) users.

Affecting: Any web site (no specific target).

Clean up: Malware is hidden at the index.php or index.html files.

Last update: Aug/2012

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb