See: http://killmalware.com/mm.co.kr/#
Avast detects as JS:Includer-ALZ [Trj]
Detected and blacklisted: https://www.virustotal.com/nl/url/1139468f679cdcc00d5d318e8b64ab4f4fe9eb142afb93318f9713161f05f346/analysis/1418422358/
Vlacklisted and potentially harmful: http://sitecheck.sucuri.net/results/mm.co.kr
Three warnings on this scan: https://asafaweb.com/Scan?Url=mm.co.kr
Vulnerabilities: http://www.domxssscanner.com/scan?url=http%3A%2F%2Fmm.co.kr%2F
Read: http://blog.detectify.com/post/35208929112/how-to-exploit-an-xss (e.g. .innerHTML =)
More details here: http://quttera.com/detailed_report/mm.co.kr
Two instances of Severity: Malicious
Reason: Detected malicious PHP content
Details: Detected malicious iframe injection
See the vulnerable PHP code: http://jsunpack.jeek.org/?report=ab6cec16317eeaf4e09b50c52308132195978f3c
For security research only, open with NoScript extension active and inside a V</sandbox.
certain output buffer configurations issues. JSfile/newXMLHttpRequest.js WebAPI interface XSS
Results from scanning URL: http://mm.co.kr/
Number of sources found: 54
Number of sinks found: 1673
See: http://zerocert.org/?code=f1177c83e0cb8c8b9e5e7e7e4ddaa0c25e6980a71a2fec22e1ad88fe2b8ec58b
Very explicit website scan (have bookmarked): http://zerocert.org/?code=f1177c83e0cb8c8b9e5e7e7e4ddaa0c25e6980a71a2fec22e1ad88fe2b8ec58b

polonus

polonus