SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. mwjs-enciframe-injected507

mwjs-enciframe-injected507

Description: An encoded and malicious iframe was identified. It is used to load malware from external web sites. Some details here:New Web Malware Attacks Using .Ru/In.CGI?16 and here: Distributed Malware Network Outbreak Using Stats.php.

This is a very common malware infecting thousands of sites (Jul 2012). Some of the domains being used:


http://udzycaf.ru/count24.php

Those links lead to multiple exploit kits affecting desktop (Windows) users.

Affecting: Any web site (no specific target).

Clean up: Malware is hidden at the index.php or index.html files.

Malware dump: