SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwgdd4

malware-entry-mwgdd4

Description:

Code used to insert a malicious javascript on many WordPress sites hosted at GoDaddy. The malicious code is added to the database, infecting each post. Loads the malware from:

http://acrossuniverseitbenet.com/js.php?kk=10
http://www3.top-scan-foru.in

Generally infecting all WordPress posts.

Clean up:

Contact support@sucuri.net.

Malware dump (base 64 added to the .php files):