Quote:
Originally Posted by cavtroop
The site IS infected. Source: I do information security for a living
After a short period of time, it attempts to redirect to a malicious site at "biezebeize.be"
I would not visit the warflail site, and Kato should probably remove the URL from this thread until it gets cleared up.
If anyone knows the author and wants to contact him, this is the bad part of the page: <div align="left"><a name="top"></a> </div><!--74ed9f--><script type="text/javascript" language="javascript" >
it contains an obfuscated javascript (dunno what it does exactly, but it can't be good).
EDIT: after some more research, that malicious javascript redirects users to the infamous Blackhole Exploit Kit: http://labs.sucuri.net/db/malware/ma...lackhole2?v403
You need to avoid that Warflail site at all costs until it's cleaned up. |
I agree that obfuscated code is weird. While the page tests clean on 5 different webbased tests (Norton, MCAfee, Google, etc) it is VERY suspicious. I am going to modify the link so the user needs to make a conscious choice to visit the site. I never like removing information, but if the clicker makes an informed choice to see the information it is in their hands.