[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] what is this?

Dear crazy frog crazy frog,

  Clear  your  computer  from  trojan,  change FTP password for you site
  hosting  access,  because it's stolen, access your hosting account via
  FTP  and remove additional text (usually at the end of the file, after
  </html>) from all HTML/PHP pages.

--Sunday, January 13, 2008, 7:01:34 PM, you wrote to full-disclosure@xxxxxxxxxxxxxxxxx:

cfcf> Hi,

cfcf> Recently on opening one of my site,my antivirus pops up saying that it
cfcf> has found on malicious script.the url is random and i have managed to
cfcf> get tht script.it is using some flaw in apple quick time.
cfcf> u can get the zip file for java script here:
cfcf> http://secgeeks.com/what.zip
cfcf> password is 12345
cfcf> can somebody guide/help me what is this and how can i remove it?

~/ZARAZA http://securityvulns.com/
Стреляя во второй раз, он искалечил постороннего. Посторонним был я. (Твен)