SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. malware-entry-mwgrepadd2



Malware used on the Network Solutions mass attack:

This file may have multiple names: .nts, counter.cgi, root.ini, root.cgi, etc. All inside the cgi-bin. At the end, it redirects users to sites loading malware:


Clean up:

Remove the php.ini file from inside the cgi-bin directory.