Website hacked and defaced...

Viruses and worms
1

See: http://killmalware.com/seoyoop.com/#
Javascript Check:
Suspicious

ipt language=“javascript”> document.write(unescape("\x3c\x6c\x69\x6e\x6b\x20\x68\x72\x65\x66\x3d\x22\x68\x74\x74\x70\x3a\x2f\x2f\x69\x33\x39\etc.

Defacement check: Suspicion of Defacement

rel=“shortcut icon”> hacked by toxic phantom from bangladesh black hat hackers <body bgcolor="#0

404 error check:
uspicious

Suspicious 404 Page:
document.write(unescape("\x3c\x6c\x69\x6e\x6b\x20\x68\x72\x65\x66\x3d\x22\x68\x74\x74\x70\x3a\x2f\x2f\x69\x33\x39\x2e\x → http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.seoyoop.com%2F404testpage4525d2fdc
and
http://www.domxssscanner.com/scan?url=http%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike.php%3Fhref%3Dhttps%3A%2F%2Fwww.facebook.com%2FBangladeshBlackHat%26amp%3Blayout%3Dbox_count%26amp%3Bshow_faces%3Dfalse%26amp%3Bwidth%3D55%26amp%3Baction%3Dlike%26amp%3Bcolorscheme%3Dlight%26amp%3Bheight%3D65%26amp%3Blocale%3Den_US

Malware script: File name: index.html

[[\x73\x63\x72\x69\x70\x74]]

Severity: Suspicious
Reason: Detected encoded JavaScript code commonly used to hide suspicious behaviour.
Details: Generic suspicious HEX encoder
Injected Obfuscated Script.

polonus

2

Update - this hack has been performed here as well: http://www.site-scan.com/eng/show_headers.php?REQUEST=GET&URL=http://darcywilkin.com&MODIFIED=0
http://toolbar.netcraft.com/site_report?url=http://darcywilkin.com
For the similar code see source here: http://fetch.scritch.org/%2Bfetch/?url=http%3A%2F%2Fdarcywilkin.com&useragent=Fetch+useragent&accept_encoding=
Technology used: -darcywilkin.com
Web Servers
Apache
Usage Statistics · Websites using Apache
Apache has been the most popular web server on the Internet since April 1996.
Email Hosting Providers
DreamHost
Usage Statistics · Websites using DreamHost
Email hosting with domain purchases.
Web Hosting Providers
DreamHost Hosting
Usage Statistics · Websites using DreamHost Hosting
Shared, VPS and dedicated hosting solution
Frameworks
Shockwave Flash Embed
Usage Statistics · Websites using Shockwave Flash Embed
The website contains Adobe Flash content embeded without the use of JavaScript.
Content Delivery Network
Facebook CDN
Usage Statistics · Websites using Facebook CDN
This page has content that links to the Facebook content delivery network.

pol