I’ve discovered a new emerging malware attack today. Actually two attacks, but in this post I’ll review only one of them – server-wide goscanpark .com/goscansoon .com meta redirects.
I discovered this attack when checked Unmask Parasites logs. I noticed that many unrelated websites contained the same suspicious script so I decided to investigate this issue. The investigation is not complete yet but I think the information I’ve already collected will be useful for owners of compromised web sites. And I hope the missing parts will be added by you, the readers. Update ( July 27, 2009) : the comments are really very informative. make sure to read them.