Avast WEBforum
Other => Viruses and worms => Topic started by: Yanto.Chiang on August 19, 2013, 01:13:09 PM
-
Dear All,
This evening we found that one of Indonesian website has been injected by malicious javascript. The site is : hxxp://xxx.ombudsman.go.id
But from some website scanner, this site is secured and not listed as blacklist website :
https://www.virustotal.com/en/url/1fc02a52599e47f617377e38d90cae32feed81782f2c60e46576f41e830dd891/analysis/1376909538/
http://www.urlvoid.com/scan/ombudsman.go.id/
http://vscan.novirusthanks.org/analysis/ff08bb97b936305f8106362e50d73a19/aW5kZXg=/
Is that true that this website is injected?
-
Sucuri report. http://sitecheck.sucuri.net/results/ombudsman.go.id
Malware entry: MW:SPAM:SEO. http://labs.sucuri.net/db/malware/malware-entry-mwspamseo
sucuri blog spam topics http://blog.sucuri.net/category/spam
-
I'd say they are hacked given the site is down. Avast isn't the cause of the blockage either. (Disabled until I can the install to work).
URLQuery: http://urlquery.net/report.php?id=4619208
-
according to this the site is not down, click pic in top richt corner. http://urlquery.net/report.php?id=4619234
-
When I tried going on it wasn't loading. Or is thatr Java at the hand?
-
Outdated joomla at the culprit of this hack, http://ombudsman.go.id/test404page.js
404 Not Found
Content-Length: 277
Content-Type: text/html
failure: <urlopen error timed out>
polonus