Malware entry: MW:EXPLOITKIT:BLACKHOLE1

Description:

An encoded javascript (or a redirection to it) was detected, leading browsers to the Blackhole Exploit kit (v1.x). It attempts to exploit the browser of anyone visiting the site using a combination of multiple vulnerabilities (Java, Adobe PDF, Flash and others). This is one of the most common type of malware we are seeing on web sites lately (2012/Mar).

Note that the PHP or .htaccess could be compromised by this type of malware.

Affecting: Any web site. Often on outdated WordPress, Joomla and osCommerce sites.

Clean up: You can also sign up with us and let our team remove the malware for you.

Loads malware from multiple sources:

http://studbax.ru/main.php?page=c22541c393fa212e
(and many other domains).

Malware dump (sample of malware):

<b>@@@ 9D8JB :CIYLG>I:S"g8:CI:Gig=\ i{A:6H: L6>I E6<: >H AD69>C<YYYgZ=\igZ8:CI:Gig=G..</p> <p>And many other variations

More information: Malware entry: MW:EXPLOITKIT:BLACKHOLE1

Story added 6. April 2012, content source with full text you can find at link above.

Malware entry: MW:EXPLOITKIT:BLACKHOLE1

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts