SiteCheck Signatures

  1. Home
  2. Docs
  3. SiteCheck Signatures
  4. malware.redkit

malware.redkit

Description:

An encoded javascript (or a redirection to it) was detected, leading browsers to the Redkit Exploit kit (v1.x). It attempts to exploit the browser of anyone visiting the site using a combination of multiple vulnerabilities (Java, Adobe PDF, Flash and others).
This is one of a common type of malware we are seeing on web sites lately (2012/Sep).

Note that any PHP, JS or .htaccess could be compromised by this type of malware.

 
Affecting: Any web site. Often on outdated WordPress, Joomla and osCommerce sites.

Clean up: You can sign up with us and let our team remove the malware for you.

 
Last update: Sep/2012

 
Loads malware from multiple sources:


http://wherewedev.com/33256.jar
http://infinitypr.in/33256.ja
http://integra-lernwerkstatt.de/33256.jar
 (and many other domains).

 

Malware dump (sample of malware):


I want Porche Turbo.</td>