Author Topic: Site with 2012 conditional redirect- avast! shield detects JS:Redirector-XK[Trj] (Read 1721 times)

polonus · « **on:** December 20, 2013, 06:44:57 PM »

Some websites go on redirecting via non-updated CMS software.
http://quttera.com/detailed_report/malgorzatastachowiak.com
&
http://maldb.com/malgorzatastachowiak.com/
&
http://evuln.com/tools/malware-scanner/malgorzatastachowiak.com/
&
http://ninjafirewall.com/malware/index.php?threat=2012-07-01.01
&
http://sitecheck.sucuri.net/results/malgorzatastachowiak.com

IP has this IDS alert: "ET CURRENT_EVENTS c3284d Malware Network Compromised Redirect (comments 2)" mass compromise rule!
http://urlquery.net/report.php?id=8472390

polonus

Pondus · « **Reply #1 on:** December 20, 2013, 07:45:34 PM »

the redirect URL
https://www.virustotal.com/en/url/c736a4134715753a3b41fc7e8543545ef202bf8cbe267bacee05be76f3f323ef/analysis/1387564888/

http://sitecheck.sucuri.net/results/vesuqpu.ru/

polonus · « **Reply #2 on:** December 20, 2013, 08:15:03 PM »

Thanks, Pondus,

Blacklisted and detected conditional redirect, so protection going all around,
Site was hacked because of WP being vulnerable at the time this malware campaign began.
Everybody (webmasters and web admins alike, please update your CMS, please,
users/visitors will thank you,

pol

Author Topic: Site with 2012 conditional redirect- avast! shield detects JS:Redirector-XK[Trj] (Read 1721 times)

polonus

Site with 2012 conditional redirect- avast! shield detects JS:Redirector-XK[Trj]

Pondus

Re: Site with 2012 conditional redirect- avast! shield detects JS:Redirector-XK[Trj]

polonus

Re: Site with 2012 conditional redirect- avast! shield detects JS:Redirector-XK[Trj]