See: http://evuln.com/tools/malware-scanner/www.nqok.com/rescan/ and also flagged here: http://sitecheck.sucuri.net/results/www.nqok.com/ security warnings flagged: https://asafaweb.com/Scan?Url=www.nqok.com The infection campaign: http://evuln.com/labs/iddqd.compress.to/ How WP was targeted can be reconstructed from another example here: http://ninjamonitoring.com/malware/index.php?threat=2013-05-25.01 and read about here: http://www.webhostingtalk.com/showthread.php?t=1269454 (posted by Zixt) search for “$qazplm=headers_sent();”… also see threat description: http://labs.sucuri.net/db/malware/malware-entry-mwblacklisted35 avast! does not block site nor redirection site. Redirection site is being blocked by Bitdefender’s TrafficLight! → https://www.virustotal.com/nl/url/b87ea290ce72697cf03c57a6c947bdce1ae9387043991f21cbe0106dfa5caf65/analysis/1390687428/ (0/0)
polonus