Author Topic: What unknown_htlm malcode on website?  (Read 1082 times)

Offline polonus

What unknown_htlm malcode on website?
« on: February 24, 2015, 06:22:34 PM »
See: https://www.virustotal.com/nl/url/2a55c07049c36075cc6a5bde6fa26bb3e701c248960430f38fe599010d258f95/analysis/1424797305/
Blacklisted and likely compromised website: http://sitecheck.sucuri.net/results/bshk.ru
This vulnerability there? -> https://github.com/opencart/opencart/issues/1534

IP badness history: https://www.virustotal.com/nl/ip-address/91.201.52.125/information/
990 websites on one and the same IP: http://sameid.net/ip/91.201.52.125/6/

Detected reference to malicious blacklisted domain -personal.bshk.ru
60 such malicious files detected by Quttera.

See:  http://www.dnsinspect.com/bshk.ru/1424797922  (minor mail server issues)
PHP issues: http://4.59.136.200/plugins/index.php?view=single&id=77285

XSS DOM vuln.: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fbshk.ru

bshk.ru is listed in the DBL &

pol
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!