gogele analytics infection

We’re seeing some websites infected with code that starts with:

gogele analytics start

It then continues with:

(opening script tag)try{document.asd.removeChild({})}catch(q){ss=””;s=String;}ddd=new Date();…eval(ss);(closing script tag)

and ends with:

gogele analytics end

We’ve been seeing this in index.html files usually immediately following the opening body tag ().

So far, no other common factors in the sites we’ve cleaned this from.

If you have any further information you’d like to share, please post a comment. If we find more information we’ll be sharing it here.

If you know of someone who could benefit from this information, please share it, Tweet it, post it on your Facebook or LinkedIn pages.

If you need help cleaning this, you can call us at (847)728-0214 or email directly at: traef@wewatchyourwebsite.com

Thank you.