SiteCheck Signatures

  1. Home
  2. Docs
  3. SiteCheck Signatures
  4. mwjs-include-rebots


Description: An malware javascript (maljs) include call was identified in the site. It is used to load malware from the "rebots.php" file and attempt to infect anyone visiting the site.

This is a common malware (Jul/Aug/ 2012). Some variations include "flashplayer.php" and a few other names. Some of the domains distributing malware:
.. many others ..

Affecting: Any web site (most common on WordPress).

Clean up: Malware is hidden at the index.php or index.html files.

Last update: 2013/Jun

Malware dump: