SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. mwjs-include-suspicious2

mwjs-include-suspicious2

Description: A suspicious javascript remote include or iframe call was identified in the site. It it used to load malware from a location there is commonly used by malware code. It is likely the site was compromised.

Common locations are malware loading from images/stories on Joomla or wp-content/uploads on WordPress.


httx://site.com/wp-content/uploads/2013/05/temp/s.php
.. many more variations..

Those are often used to redirect the browser to SEO spam sites via a TDS. However, since this is a generic rule, the malware can change from site to site.

Affecting: Any web site (no specific target).

Clean up: Nothing specific.

Last update: 2013/Oct

Malware dump: