FilmEdge.net...

[avoidz]

Hi, I'm trying to reach the home page of FilmEdge.net, but avast! is detecting a JS threat and denies the connection:



Could someone confirm this is a real threat or just an overly-cautious web scanner, cheers.

[DavidR]

It looks like the site has been hacked.

There is a large block of obfuscated javascript in a script tag immediately after the Body tag of the index page. I don't pretend to know what this script does, but javascript is a plain language scripting code, so why go to these lengths to hide its purpose.

[Pondus]

Wepawet (alpha) Analysis report for http://filmedge.net/
http://wepawet.iseclab.org/view.php?hash=2800663f8c1b98291c02ec7a3e5d389f&t=1271860714&type=js

Anubis
http://anubis.iseclab.org/?action=result&task_id=1ffc59ad10b1bc8d4350ffc8560382466&format=html

[avoidz]

Thanks. I just checked the site again and it seems to be fixed now.

Cheers

[DavidR]

You're welcome.

Looks like they have cleaned out the suspect script tag, no alerts from avast now.

[polonus]

More about this here: http://www.wjunction.com/showthread.php?t=21715

polonus

[DavidR]

More about this here: http://www.wjunction.com/showthread.php?t=21715

polonus

Nice topic that, nice and clear with a circular reference back to your topic on these forums and a good promotion of avast being the only one detecting it.

Like this topic here, I uploaded the file to VirusTotal and basically only avast was picking it up.