Javascript infection on site?

Viruses and worms
1

See: https://www.virustotal.com/nl/url/b89edce510d4be794a557411be0eae90407cec4d909f0a184111c6f5c58658a2/analysis/
Bitdefender TrafficLight blocks site as malicious.

Quttera detects:
ie7-js.googlecode.com/svn/version/2.0(beta3)/IE8.js
Severity: Potentially Suspicious
Reason: Detected potentially suspicious content.
Details: Detected potentially suspicious initialization of function pointer to JavaScript method String.replace __tmpvar38259350 = String.replace;
Threat dump:-> http://jsunpack.jeek.org/?report=e9d7a10cd624d39716638f09c0d3b576b37baf9a
File size[byte]: 38172
File type: ASCII
MD5: 4ABBDAC7BA74EAFF612B6C389D11F427
Scan duration[sec]: 0.524000
Suspicious javascript: Suspicious

ase href=“http://www.shantinet.ru/”> <link rel=“stylesheet” href=“css/style.css” type=“text/css” media="…
Suspicious 404 error → Suspicious → http://jsunpack.jeek.org/?report=de237891956b1f8689f1baf6ecca4ff930d7e555

Suspicious 404 Page:
.ru/"> <link rel=“stylesheet” href="css/styl

Malware on IP: http://support.clean-mx.de/clean-mx/viruses.php?id=10341903
avast deyects as HTML:Iframe-ABI [Trj]

polonus
2

This could be used in a javascript SQL injection attack:


create or replace function
js(src text) returns text as $$
  return eval(
  "(function() { " + src + "})"
  )();
$$ LANGUAGE plv8;

code info by craig kerstiens PostgreSQL curator

polonus