Iframe Bigdeal777(dot)com Mass Infection
Posted by admin on Tuesday, January 31st, 2012 | 9,401 views
Internal honeypots have reported a lot of websites infected with a hidden and malicious iframe code that is added at the end of the HTML tag or before the BODY tag of the page, the malicious iframe looks like this:
Download the iframe code (pass is novirusthanks.org):
Here is a small list of websites infected with this malicious code:
angelofdeath .pl megavid .pl invertus .lt gelincikgiyim .de ganacarne .com strekowagora .cba .pl nurevi .net bijoux-fantaisie-online .com f4c-test .1gb .ru die-baurs .info trenuje24 .pl satalbak .com |
Details about the malicious domain:
Website: bigdeal777 .com Domain Hash: c87366528f961835580ae7c78f4a8903 IP Address: 178.63.141.211 IP Hostname: static.211.141.63.178.clients.your-server.de IP Country: -- (--) AS Number: 24940 AS Name: HETZNER-AS Hetzner Online AG RZ Organization: serveradmin.pl S.C. |
URLVoid report:
Leave a Reply