SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. mwjs-include-suspicious

mwjs-include-suspicious

Description: A suspicious javascript remote include or iframe call has been identified on the site. This call is used to remotely load malware from a location known to be used by malicious code, but we could not fully verify the exact details. Additional checks are required.

This is not a common type of malware found on compromised websites. Some URL examples include:

http://xxx.com/.../QTYgXYYZ
http://yyy.com/../../QTYgXYYZ

These are typically used to redirect the browser to SEO spam sites via a TDS. However, since this is a generic rule, the malware can change from site to site.

Affecting: Any web site (no specific target).

Clean up: Nothing specific.

Last update: Oct/2012

Malware dump:

<script type="text/javascript' src="http://xxx.com..