SiteCheck Signatures

  1. Home
  2. Docs
  3. SiteCheck Signatures
  4. mwjs-include-pmg


Description: An unsafe javascript include call was identified in the site. It is used to load malware from the "/pmg.php?d=x" file for anyone visiting the site. Related to the campaign: Latest Mass Compromise of WordPress sites – More Details.

Thousands of sites were compromised with this type of malware. Some of the domains distributing malware:
.. many others ..

Affecting: Any web site (most common on WordPress).

Clean up: Malware is hidden at the index.php or index.html files.

Last update: Aug/2012

Malware dump: