Author Topic: Trojan alert in our Website- Urgent (Read 1867 times)

alptankurt · « **on:** August 07, 2013, 09:16:44 AM »

Hi.
I'm a software developer in Hurriyet which is the biggest news website in Turkey.
We have a urgert problem, please contact me as soon as possible. Some of visitors that use avast sent us some trojan alert in our website. But our servers are already clean. Please visit the link below and tell me what would we do.
Not just a link, some of our pages have the same problem.
Please tell us whats wrong and how we will fix the urgent problem.

Sample link : http://dosyalar.hurriyet.com.tr/annelergunu/yerler.asp

Note: I guess avast comprehends the script which have a iframe code.(Line 4, <iframe src="http://www.hurriyet.com.tr/uv/dosyalar/uv.asp...)

http://sitecheck.sucuri.net/results/www.hurriyet.com.tr/anasayfa/

Edit: URL:   http://www.hurriyet.com.tr/favicon.ico|{...

processus:   C:\Program Files (x86)\Mozilla Firefox\f...
infection:   JS:Iframe-DBE [Trj]

Asyn · « **Reply #1 on:** August 07, 2013, 09:20:29 AM »

-> http://sitecheck.sucuri.net/results/dosyalar.hurriyet.com.tr/annelergunu/yerler.asp
-> http://labs.sucuri.net/db/malware/malware-entry-mwiframehd202

polonus · « **Reply #2 on:** August 07, 2013, 10:26:11 PM »

Seems indeed the malware there has been closed: http://support.clean-mx.de/clean-mx/viruses?id=12257392
Send a FP report here: http://www.avast.com/contact-form.php

polonus

Author Topic: Trojan alert in our Website- Urgent (Read 1867 times)

alptankurt

Trojan alert in our Website- Urgent

Asyn

Re: Trojan alert in our Website- Urgent

polonus

Re: Trojan alert in our Website- Urgent