SiteCheck Signatures

  1. Home
  2. Docs
  3. SiteCheck Signatures
  4. malware-entry-mwoscom1


Description: Code used to insert a malicious javascript on sites
using OsCommerce. Loads malware from:

More details:

Most of the sites affected also had a few PHP files inserted inside the
/images folder, generally called inclasses.php or phpclasses.php.

Malware dump: