SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. malware-entry-mwjs199

malware-entry-mwjs199

Description:This encoded javascript malware redirects the user to:
http://sakura-ne-jp.y8.com.linkbucks-com.pinkvomit.ru:8080
/livejournal.com/livejournal.com/megaupload.com/google.com/w3.org.php

Where malware is loaded. It uses multiple directories named as google, w3.org,
livejournal, etc to try to disguise the user.

Affecting: Any web site (Joomla and WordPress more often).

Malware dump: