SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. malware-entry-mwjs3029


Description: This malware infects a web site through a compromised desktop (with virus), where
it steals any stored password from the FTP client and uses that to attack the site.
Note that every PHP, HTML and JS file can get compromised by this malware.

*On some variations, we are also seeing sites get hacked through outdated web applications (Joomla and WordPress).

Domains used::

Affecting: Any web site with FTP enabled (and password stolen).

Clean up:Sign up here:

Malware dump:

<script src=" /jslib/le.js"></script>