Sucuri Malware Labs

Sucuri on Twitter Sucuri on Facebook Sucuri on LinkedIn

Malware entry: MW:JS:INCLUDE:REBOTSHome  |  Notes  |  Malware data  |  Signatures  |  Tools  |  About

Description: An malware javascript (maljs) include call was identified in the site. It is used to load malware from the "rebots.php" file and attempt to infect anyone visiting the site.

This is a common malware (Jul/Aug/ 2012). Some variations include "flashplayer.php" and a few other names. Some of the domains distributing malware:



Affecting: Any web site (most common on WordPress).

Clean up: Malware is hidden at the index.php or index.html files.

Last update: 2013/Jun

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb