Site probably hacked? 

polonus · 2014-05-13T11:46:55.000Z

50.000 websites are being hacked every single day. One example from the Netherlands, provided by http://www.xatrix.org/def.php?d=

See on Xatrix Security: wXw.novisia.nl was hacked and defaced on Thu, 08 May 2014 23:12:11 +0200.
Following a submitted report from a group or an individual called d3b~X (Indonesian ftp /~gif hack), our robots made a screenshot of the website.
At that time, the website’s IP address was 92.68.241.67 which places it in Netherlands, geographically.
See: http://dev.badips.com/info/92.68.241.67
Scan results: http://killmalware.com/www.novisia.nl/ → http://toolbar.netcraft.com/site_report?url=http://www.novisia.nl
Probably via a [nagios]check_ssh -p hack *
Offline now: http://urlquery.net/report.php?id=1399980396495 - empty response received for htxp://www.novisia.nl/
Reminder of compromittal: htxp://www.novisia.nl/test404page.js
500 Can’t connect to www.novisia.nl:80 (Ð’ ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ð¸ Ð¾Ñ‚ÐºÐ°Ð·Ð°Ð½Ð¾) *
Content-Length: 208
Content-Type: text/plain
DNS check for hoster: http://dnscheck.sidn.nl/?time=1399980661&id=1750282&view=basic&test=standard
→ http://toolbar.netcraft.com/site_report?url=http://remote.hocsite.com

polonus

polonus · 2014-05-13T13:17:23.000Z

This site has been hacked in the past and might just still be vulnerable (Joomla insecurities via JCE’s Joomla extension vulnerabilities,
maliciousJavascript Injections.
For the hack and defacement see: http://www.xatrix.org/def.php?d=www.superdach.pl

pol

polonus · 2014-05-13T21:59:05.000Z

Not detected on VT: htxp://desifactor.co.uk/
See detection here: http://maldb.com/desifactor.co.uk/#
Not flagged by avast!

Defacement check: Suspicion

pol

Announcements