msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Most Contradictive Doorway Generator

12 Sep 14   Filed in Short Attack Reviews with Comments Off on Most Contradictive Doorway Generator

Check this thread on WordPress.org forum. The topic starter found a suspicious PHP file and asked what it was doing.

The code analysis shows that it’s some sort of a spammy doorway. But it’s a very strange doorway and the way that it works doesn’t make sense to me.
Continue »»

Black Hat SEO for Virus Dissemination.

24 Jan 09   Filed in Website exploits with Comments Off on Black Hat SEO for Virus Dissemination.

In the previous post I talked about the exploit that redirected Googlebot to malicious sites. This time I’ll talk about how I investigated this issue and what I discovered.

This started about a week ago when I noticed a few sites with suspicious redirects in Unmask Parasites reports. There was a chain of two 301 redirects: -> “http://bablo .me .uk/”  -> “http://www. 524045. secki .info/”. Sometimes “bablo me uk” redirected to other sites that always contained a random 6 digit number as a subdomain name.  I decided to find out what was going on. Continue »»