SiteCheck Signatures

  1. Home
  2. Docs
  3. SiteCheck Signatures
  4. malware-entry-mwjs1304


Description: Javascript encoded and hidden inside the HTML or PHP page. It is used to create an iframe to distribute malware hidden to the end user. In some cases it hides the content inside the "<body onload" or sometimes just as a plain javascript entry.

Domains used:

Affecting: Any web site. It uses stolen FTP passwords to compromises the site (similar to Gumblar).

Clean up: Request support here (or sign up here).

Malware dump: