Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:JS:INCLUDE:IMAGES

Description: A suspicious javascript remote include or iframe call was identified in the site. It it used to load malware from a PHP file hidden inside the images directory on a compromised and blacklisted domain.

This is done to hide the original URL and make it harder for scanners to identify the malware.

Not very common type of malware. Some URLs:



Those are often used to redirect the browser of anyone visiting the site to Fake AV (anti virus). However, since this is a generic rule, the malware can change from site to site.

Affecting: Any web site (no specific target).

Clean up: Nothing specific.

Last update: Aug/2012

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb