Random Js Virus

Random Js Virus

In late 2009 and early 2010 i have seen a new kind of Attack on websites which Security Companies Named as Random Js Virus. It used to insert a java script code to redirect the page on a rogue website inside tag. Lately they have started putting encrypted code to make it look like a genuine code.

I am still seeing its happening to lost of websites. The main reason are : –

1) Week FTP Passwords

2) FTP traffic in plain text

3) Sql Injection

to do the lease you can use below command to see what kind of traffic is going out from a .js script. Though i recommend using CSF (Config Server Firewall) .

user@> tcpdump -nAs 2048 src port 80 | grep “[a-zA-Z]\{5\}\.js'”

Happy Hacking