Malware Domain List

Malware Related => Compromised Servers => Topic started by: magcube on May 20, 2009, 07:54:48 pm

Title: iframe?
Post by: magcube on May 20, 2009, 07:54:48 pm

I found this site after trying to research a strange iframe code that has been inserted into some of my site's pages calling the domain in an iframe.

Does anyone know what exactly this does and how can I tell if I have it completely off of my server?   Is it just a matter of removing the iframe code from the compromised pages?  I can't seem to find any other infected files.

Title: Re: iframe?
Post by: MysteryFCM on May 20, 2009, 08:15:46 pm
This particular one doesn't seem to do anything as bad as the gumblar/martuz one floating about, but I'd still recommend doing a complete restoration of the site from backup if possible as what I can find, indicates it modifies both the files, and the database.

Aswell of course, as changing any FTP/cPanel etc etc passwords.