SE redirects detected? iFrame malware?

polonus · March 29, 2015, 1:08pm

SE visitors redirects
Visitors from search engines are redirected
to: htxp://dear.lflinkup.com/
1717 sites infected with redirects to this URL
See: https://www.virustotal.com/en/url/46e16b0cbce14913e9f982b892926afe3249fa6a9fb43b1ad79a62127e169a28/analysis/
See: http://quttera.com/detailed_report/www.karatekin.com.tr missed detection
Sucuri has it:
ISSUE DETECTED DEFINITION INFECTED URL
Website Malware malware-entry-mwblacklisted35 htxp://www.karatekin.com.tr/tum-yazarlar
Website Malware malware-entry-mwblacklisted35 htxp://www.karatekin.com.tr/category/sondakika
Website Malware malware-entry-mwblacklisted35 htxp://www.karatekin.com.tr/Twitter Link Giriniz
Suspicious domain detected. Details: http://sucuri.net/malware/malware-entry-mwblacklisted35
Location: htxp://dear.lflinkup.com/

iFrame check: Suspicious

htxp://www.karatekin.com.tr/nm/hava/index.php’
htxp://www.karatekin.com.tr/nm/gokyuzu.php’
htxp://haber-v8.ensarwebtasarim.com/nm/’

Javascript check suspicious:
Suspicious

hava durumu → <iframe style=“margin-bottom:10px” src=“htxp://www.karatekin.com.tr/nm/hava/index.php” height=“192” scrolling=“no” frameb

polonus

Announcements