Hi Tina and all -
I got this email from a researcher - is this true?
Paula
Waupaca CC -
http://www.wigenweb.org/waupaca
Waushara CC -
http://www.wigenweb.org/waushara/index.htm
Date: Tue, 17 Aug 2010 21:50:09 -0700
From: pcfamilies(a)yahoo.com
Subject: RE: USGenWeb Wisconsin
To: pajolova(a)hotmail.com
Paula,
The USGenWeb Wisconsin contains a Trojan Horse !
Following from *avast! Forum*:
It looks like the site has been hacked, I get two alerts, one on a packed javascript file
being loaded when you visit the page (it has a different malware name JS:ScriptIP-inf and
inserted/injected script).
The second is in the actual home page, this is an obfuscated script tag inserted after the
Body tag on the same line and goes on for a long way (see image I have broken it onto
another line to show where it is).
See image2 for a decoded result of what and where this obfuscated script is going, I
don't know if this is intended/legit for the site, but I find little reason to
obfuscate javascript (a plain language form of scripting) in this way, what are they
hiding.
The site it is pointing at is located in China and doesn't have a very good reputation
(the same for most of its sub-domains also)
http://www.mywot.com/en/scorecard/serveblog.net,
http://www.google.com/search?q=serveblog.net.
Very few AVs are actually looking at this and less capable of detection.
http://www.virustotal.com/file-scan/report.html?id=049bbf3c0fa2944b895f11...
Myron
Myron M. Felckowski
Portage County Families
http://www.bigalke.biz/
1540 Torun Road, Lot 128
Stevens Point, WI 54482-9484
715-341-4059
--- On Tue, 8/17/10, Paula <pajolova(a)hotmail.com> wrote:
From: Paula <pajolova(a)hotmail.com
Subject:
RE: USGenWeb Wisconsin
To: "Myron M. Felckowski" <pcfamilies(a)yahoo.com
Date:
Tuesday, August 17, 2010, 10:04 AM
I have checked and do not find a problem.
Paula
Waupaca CC -
http://www.wigenweb.org/waupaca
Waushara CC -
http://www.wigenweb.org/waushara/index.htm
Date: Tue, 17 Aug 2010 05:49:13 -0700
From: pcfamilies(a)yahoo.com
Subject: USGenWeb Wisconsin
To: pajolova(a)hotmail.com
Paula,
Attempted to access the USGenWeb Wisconsin.
My Anti-Virus blocked the site because it claims they contain a Trojan Horse.
I am able to access all abutting states Illinois, Iowa, Michigan and Minnesota.
I could not find any contact information on the USGenWeb home page.
Would you know whom to contact ?
Myron
Myron M. Felckowski
Portage County Families
http://www.bigalke.biz/
1540 Torun Road, Lot 128
Stevens Point, WI 54482-9484
715-341-4059