SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwjs62313

malware-entry-mwjs62313

Description:

A malicious javascript file was found inside the site content of the site and is being used to distribute malware. Any user visiting the infected site could be compromised (desktop antivirus will flag it as Blackhole Exploit kit, JS:Cruzer-B or JS/Obfuscated, depending on the intermediary domains and AV product).

 

Domains used in this attack:


http://best2banners.com/in.cgi?adsbwm
http://yumalicious.com/main.php?page=22e668bbb1755d46
(and many others)

Affecting:

Any web site (no specific target).

 

Clean up:

This malware is generally hidden at the bottom of the .html or PHP files. Sign up here to get it clean up: Signup

 

Malware dump (sample of malware):