SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-hiddeniframedocument-write

malware-entry-hiddeniframedocument-write

Description:

Malware identified and encoded inside a "document.write(String.fromCharCode" call. It is used to call an external and malicious iframe file, while making it hard to find.

Loads malware from:

campusok.net
www.dijoo.com

Affecting:

Any type of web site (no specific target).

Clean up and details:

Remove offending line from the javascript file.

Malware dump:

document.write(String.fromCharCode(60,105,102,114,97,109,101,...;