JavaScript Injections Leads to Tech Support Scam
During a recent malware investigation, we found some interesting obfuscated Javascript code. This code pretends to appear as part of the popular AddThis social sharing plugin, using it in URL naming conventions and an image file.
The malware ultimately redirects website visitors to node.additionsnp[.]top which hosts a tech support scam that can be dangerous to visitors. This malware campaign cleverly hides its tracks with several layers of obfuscation, making it difficult for webmasters to identify the hack.
Continue reading JavaScript Injections Leads to Tech Support Scam at Sucuri Blog.
Read more: JavaScript Injections Leads to Tech Support Scam
Story added 9. February 2017, content source with full text you can find at link above.