Malware Signatures

  1. Home
  2. Malware Signatures
  3. html.redirect.http-refresh_gen.001

html.redirect.http-refresh_gen.001

Redirecting website traffic is another Blackhat SEO malicious technique. BlackHat SEO is used to manipulate the search engine results in order to benefit a website in terms of relevance.
The payload is HTML based, thus intended for client-side use and the payload is executed after the infected page is loaded directly in the browser.
This malware uses http-Refresh header function to redirect the user to a third-party website, often with a malicious or spam content. The redirect can be conditional, triggered by specific user-agents or referrers (like search engines).

Affecting

Any website hosting vulnerable software or server which had the credentials compromised.

Cleanup

Cleanup is done by deleting the malicious code from the file, or replacing it with a fresh version. The infection can be found in your system by searching for the malicious string inside your files.

Dump


<meta http-equiv="Refresh" content="1; URL=http:// URL-Removed /&s=j305"><script>parent.location.href=&#39;http:// URL-Removed /&s=j305&#39;</script>