A couple of injection attacks seem to be in progress, I haven't quite got to the bottom of them yet.. but you might want to block the following domains:
fsv-hoopte-winsen.de
grupocbi.com
These are hosted on 82.165.77.21 and 72.47.228.162 respectively.
The malware is resistant to automated tools and redirects improperly-formed attempt to analyse it to Bing [1][2]. The malware is appended to hacked .js files on target sites and looks similar to this:
This sort of attack has been used to push fake software updates in the past. Even though I can't quite get to the bottom of this at the moment, you can be pretty sure that this is Nothing Good and I would recommend blocking these domains.
출처 : blog.dynamoo.com
728x90
댓글