avast? Webshield detects JS:HideMe-I-[Trj]

Trojans detected:
Object: htxp://amor.la/
SHA1: 62eed74ce6579310f173d94409c650be985ceb7b
Name: TrojWare.JS.Agent.caa
Read on this threat: http://stayaway2.blogspot.com/search/label/TrojWare.JS.Agent.caa
link source: aappb.info

Even detected on jsunpack and Sucuri scan results.
Site infested via stats.wordpress.com/e-201437.jshttp://linkeddata.informatik.hu-berlin.de/uridbg/index.php?url=http%3A%2F%2Fstats.wordpress.com%2Fe-201437.js&useragentheader=&acceptheader=

polonus

VirusTotal
https://www.virustotal.com/nb/file/24b9cfeecb0af6bdba2469baf1a4f191ad398e7bfe628edb6faff943e22d4671/analysis/1410272659/

Hi Pondus,

That is funny, VT comes up with JS:HideLink-A [Trj], my Webshield detection JS:HideLink-I [Trj] for the browser executable chrome.exe ;D

polonus

anyway infected with v i a g r a and C i a l i s spam :wink: http://sitecheck.sucuri.net/results/amor.la/