See: https://www.virustotal.com/en/url/666654b5d211ca3d99430006c73254dea531235995751123cf4090d63a443db2/analysis/ and https://www.virustotal.com/en/url/666654b5d211ca3d99430006c73254dea531235995751123cf4090d63a443db2/analysis/1378320754/
See: https://www.virustotal.com/en/ip-address/206.188.192.140/information/

Warning for WordPress theme: http://laurenmanning.com/wordpress/wp-content/themes/Avada/
WordPress internal path: /data/4/0/160/85/323900/user/329820/htdocs/wordpress/wp-content/themes/Avada/index.php

There is a huge vulnerability in LayerSlider 3.5 that allows anyone to remove it without access to admin; users have to upgrade to version 3.6.
Vulnerable to iFramehack.

Existing malware apparently has been closed: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=206.188.192.140
Given as malicious here: http://zulu.zscaler.com/submission/show/124b5e308abff11b3545b3842617b48a-1378321709

laurenmanning.com/wordpress/wp-content/themes/Avada/js/jquery.waypoint.js?ver=3.5.2 benign
[nothing detected] (script) laurenmanning.com/wordpress/wp-content/themes/Avada/js/jquery.waypoint.js?ver=3.5.2
status: (referer=laurenmanning.com/)saved 8044 bytes c0c0d473a9bc5a9739f8f44158027d34e31bd642
info: [decodingLevel=0] found JavaScript
error: undefined function n
suspicious:
polonus
Another one flagged by VirusWatch, and suspicious code here:

japtou.com/catalog/view/javascript/jquery/thickbox/thickbox-compressed.js benign
[nothing detected] (script) japtou.com/catalog/view/javascript/jquery/thickbox/thickbox-compressed.js
status: (referer=japtou.com/)saved 5542 bytes 1918cbf68f5221864f8d67c912965b1475c100af
info: [decodingLevel=0] found JavaScript
suspicious:

(vulnerability → http://forum.opencart.com/viewtopic.php?f=31&t=20365&p=100445
The description is only available via Google cache (removed): https://github.com/wpscanteam/wpscan/blob/master/doc_yard/WpItem/Vulnerable.html%2BWpItem/Vulnerable.html&oe=utf-8&hl=en&ct=clnk

Nothing flagged here: http://zulu.zscaler.com/submission/show/a4b45918e23cb36ae382bf3c46d458e1-1378323017