We have logged few websites infected with a new injected javascript code that seems to target mainly the websites powered with WordPress and Joomla. Below there is a screenshot of the malicious script: As we can see from the image above, the injected code starts with: <!--Injection_head[SessionID=...]--> And it ends with: ...
Continue reading...

Our sandbox has logged various domains with suffix .COM.BR infected with a malicious obfuscated javascript code, that is injected at begin of the HTML pages of the websites, before the initial <html> tag: The malicious script redirects the users to a malicious URL: hxxp:// bylviha .ru/count18.php An example of websites inf...
Continue reading...