Malware Signatures

  1. Home
  2. Malware Signatures
  3. html.defaced.cyberheroez.001

html.defaced.cyberheroez.001

This is a defacement attack conducted by The Cyber Heroez hacker group from Indonesia

Affecting

Any web site (no specific target).

Cleanup

Restore your site from a clean backup. Deleting all files first is the best option since it will delete all backdoors and other malicious files that
hackers could leave on the server. It is important to identify and close the security hole to prevent recurring attacks.
You can sign up with us and let our team remove the malware for you.

Dump

...excerpts from a typical defacement page...
<html><head><link rel="shortcut icon" href="http://cyberheroez.ddos.im/ico.png"
...
<body oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'

false" noop="if (window.event != null &amp;&amp; window.event.button == 2) alert

(&#39;Please Don&#39;T Right Click&#39;);" bgcolor="#000000">
...
<b>My Friends : </b><marquee scrollamount="10" direction="left" width="60%"> The Cyber Heroez | Hr0QAz | Mufid_Heroez | ZeroCoolTeCH | Mizt3riO_uZ | Aki3m R_vo eZ | Bl4ck Jorozz | V_deVendeta | cH4LL nEwBie | DCyber08 | A17 | ss3ocr | BOBI ENAL NEWBIECyb3rCh4n26 | Blackdunkz | H3r03ZiM0uZ |Exsploit xss | newbie | Medanonymous | flashCyber_Newbie | 4rtn0nym0us | DCyber Eight Zero | ./Mr.dr49 | AstonishRobo | XW4NT0R0 | Crews_Crew | 4zf1nk_g3mb3l | RawRx | Anonymous_The_Override | S A I N T S | Q-bar_Nonym | The_misterious Cyber | White_Cyber | m4y1t xXx | Cyber_007 | ./Cyberz'Crew | Gr4Is_NonYm | ./Cyb[e]r_@.F_TCH | 'uun Anarcy's | Nascik_DeathCyber | C-LD1 | ./evil-net | D1K4 | ./gembel 404 | D-C0D3 | ./p37_h | Pasukan Revolusi | 0I6L | N30N | "G!rgooD" | w0n9 3dAn 45 | GRANAT ZONE | ./r3w4rd | S4MP4H | And YOU </marquee></span></center>
...
<center>Copyright © 2013 | The Cyber Heroez<center></body></head></html>