SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwiframehd2298

malware-entry-mwiframehd2298

Description:

A remote javascript file was found inside the site content (possibly injected in the database). It is used to distribute malware from external web sites while not being visible to the user (also known as HTTP Malicious Toolkit and Blackhole exploit- depending on the intermediary domains).

 

Domains used in this attack:


http://injj.ignorelist.com/14
http://innn.ignorelist.com/in.php?n=14
http://www3.bestoyumaster.rr.nu/?h0..
(and many others)

Affecting:

WordPress and Joomla sites.

 

Clean up:

This malware is generally hidden inside the database (wp-content table). Sign up here to get it clean up: Signup

 

Malware dump (sample of malware):