Iframe Alias(dot)jjbworks(dot)com Mass Infection
Posted by admin on Tuesday, January 31st, 2012 | 22,091 views
Another hidden and malicious iframe is spreading by infecting websites:
The iframe code is added before the BODY tag of the HTML page and is obfuscated:
The extracted malicious link is:
hxxp://alias .jjbworks .com/analytics.php |
Details about the malicious domain:
Website: alias .jjbworks .com Domain Hash: 2f8f518cb5d452fca78b8c11b3a53913 IP Address: 68.68.20.114 [SCAN] IP Hostname: 68.68.20.114.customer.bluemilenetworks.com IP Country: -- (--) AS Number: 11013 AS Name: BLUE-AS - Bluemile, Inc |
URLVoid report:
http://www.urlvoid.com/scan/alias.jjbworks.com
Websites infected with this malicious code:
sosumo .net |
URLVoid report:
Leave a Reply