WordPress site attacked
A customers WordPress site is displaying ads again.
Don’t have all the information, but there were links to www.superfish.com. This site turns out be some visual recognition software.
Here is some of the code in the page that I believe is linked to the attack.
<iframe src=”http://www.superfish.com/ws/userData.jsp?dlsource=wjfudcm&userid=NTBCNTBC&ver=2015.1.15.13.57″ style=”position: absolute; top: -100px; left: -100px; z-index: -10; border: medium none; visibility: hidden; width: 1px; height: 1px;”></iframe>
The code for the box was just above the ending body tag. Below is some of the code that was found.
<div id=”similarproducts_side_slider“ class=”__similarproducts similarproducts_side_slider false“ style=”right: 0px;“>
<div class=”side_slider_header“><div class=”header_tongue“>
<div class=”vertical_text“>Deals</div><div class=”offers_count“></div><div class=”unit_title“>Special Deals</div>
<div class=”x _close_unit“></div>
<div class=”collapse _collapse“></div>
<div class=”expand _expand“></div>
<div class=”side_slider_header“><div class=”header_tongue“>
<div class=”vertical_text“>Deals</div><div class=”offers_count“></div><div class=”unit_title“>Special Deals</div>
<div class=”x _close_unit“></div>
<div class=”collapse _collapse“></div>
<div class=”expand _expand“></div>
Will try to post more info if I can.
0 Comments