Phishing
mascom, 2013-03-06 09:47:28

Cunning phishing

JavaScript is embedded in popular pages (for example, vk.com, fb.com) (at the end of the code) and draws a frame over the content of the page itself, in which it offers to receive an SMS and enter the code. The address from which this script is taken: htntrailzip.com
After I entered the name of this site in hosts and assigned it 127.0.0.1, almost all pages stopped loading.
Question: where is that muck that embeds this script at the end of the page?
How to treat it?


2 answer(s)
ZUZ, 2013-03-06
@mascom

I suggest just running it through ComboFix (95% that it will kill it) and/or using AVZ.

Vladimir Martyanov, 2013-03-06
@vilgeforce

Can you send the full page code with a link to htntrailzip.com? It is really needed, from a live machine.
The infection sits in AppInit_DLLs, a library with a random name, or 105.tmp in some cases.
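
A read-only check of the load point named in the answer above, as an added example that is not part of the original thread: it lists every entry in the `AppInit_DLLs` registry value (64-bit and 32-bit views) and reports files that are missing, not named `.dll`, or lack a valid signature. The flagging criteria and the output column names are assumptions chosen for illustration.

```powershell
# Added example (not from the thread): audit AppInit_DLLs entries. Read-only.
# Run from an elevated 64-bit PowerShell so both registry views are visible.
$views = @(
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows'
       Dir = Join-Path $env:SystemRoot 'System32' },
    @{ Key = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows'
       Dir = Join-Path $env:SystemRoot 'SysWOW64' }
)

$report = foreach ($view in $views) {
    if (-not (Test-Path $view.Key)) { continue }
    $props = Get-ItemProperty -Path $view.Key

    # LoadAppInit_DLLs = 1 means the list is loaded into processes that use user32.dll
    $enabled = ([int]$props.LoadAppInit_DLLs -eq 1)

    # The value is a space- or comma-separated list of DLL names or paths
    $entries = "$($props.AppInit_DLLs)" -split '[ ,]+' | Where-Object { $_ }

    foreach ($entry in $entries) {
        # Entries without a path are resolved from the system directory of that view
        $path = if (Split-Path $entry -IsAbsolute) { $entry } else { Join-Path $view.Dir $entry }
        $exists = Test-Path -LiteralPath $path -PathType Leaf

        $sig = 'n/a'; $created = $null
        if ($exists) {
            $sig     = (Get-AuthenticodeSignature -FilePath $path).Status
            $created = (Get-Item -LiteralPath $path -Force).CreationTime
        }

        # Assumed criteria: missing file, odd extension (e.g. .tmp), or no valid signature
        $reasons = @()
        if (-not $exists)                                  { $reasons += 'file missing' }
        if ([IO.Path]::GetExtension($path) -ne '.dll')     { $reasons += 'extension is not .dll' }
        if ($exists -and "$sig" -ne 'Valid')               { $reasons += "signature: $sig" }

        [pscustomobject]@{
            RegistryKey = $view.Key
            ListEnabled = $enabled
            Entry       = $entry
            Path        = $path
            Created     = $created
            Flags       = ($reasons -join '; ')
        }
    }
}

if ($report) { $report | Format-List } else { 'AppInit_DLLs is empty in both views.' }
```

An empty list is the normal state on most machines, so any entry reported here is worth identifying before it is trusted.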
