Hi folks,
I entered the wXw.whizlabs.com site for one of their product, and got a warning.
Is that site really a threat?
Thanks.
Hi folks,
I entered the wXw.whizlabs.com site for one of their product, and got a warning.
Is that site really a threat?
Thanks.
The site appears to have been hacked, not good when it is flying the McAfee Secure logo ;D
After the closing HTML tag (a standards no, no) there is a hidden iframe tag, that I doubt is a legit counter going to hXXp://internetcountercheck.com.
Please ‘modify’ your post change the URL from www to wXw, to break the link and avoid accidental exposure to suspect sites, thanks.
avast’s network shield also has hXXp://internetcountercheck.com and firefox’s safe browsing function doesn’t like that site either.
Also see https://safeweb.norton.com/report/show?url=http%3A%2F%2Finternetcountercheck.com&x=12&y=8
Thanks for your feedback. I have sent an email to those guys. I hope they’ll come up with a fix.
Hi udy,
Just to second DavidR here.
References to 1 suspicious domain found.
1 hidden external link found.
^IFrame^ hidden link - hxtp://internetcountercheck.com/..?click=2450484
which is empty source - could not connect to site…
Malicious software includes 1 scripting exploit(s).
This site was hosted on 2 network(s) including AS15244 (ADDD2NET), AS21844 (THEPLANET).
It looks like it that wXw.whizlabs.com’s malicous software has further infested one domain: e.g. tucows.in/. About the malware downloader JS.Tabletka.a read:
http://forum.kaspersky.com/lofiversion/index.php/t89433.html
About this sudden hack, read: http://wordpress.org/support/topic/243838
polonus
Yes, it is.
“HTML/Infected.WebPage.Gen - Malware” found in the page.
Description:
A common attack against the web infrastructure can be the infection of harmless web pages. Some malware changes every HTML file stored on the disc and adds a link (very often an IFrame) to a site hosting malicious code. Other attacks can aim for the web servers and try to insert forwarding to the pages hosted there. The owner of these pages is advised to take them offline. Fix the hole (either on his own PC or on the server), check the pages for infections, clean them and go online again. Infected Web Pages often contain additional Iframe, Object or Script Tags. The Script Tags often contain encrypted Code.