Jump to content

Recommended Posts

I have a simple asp.net website. Recently, I have noticed it adds one div with an anchor tag to an external. I have also noticed another link of apparent jQuery file from a thirdparty site that obviously is not a jQuery at all. So when clicked anywhere on my site - another tab is opened to redirect to the third party site. I have checked within the code for any clue of the urls that are being added - with no luck. Following are the suspicious div and url. Will be much appreciated if anyone can suggest anything - how it is being injected or how I can find it ?

1686105907700.png

<div id="div642028" style="width: 100%; height: 100%; position: fixed; left: 0px; top: 0px; z-index: 99999999;"><a href="http://c822c1b63853ed273b89687ac505f9fa.onepro.club/redirect?u=aHR0cHM6Ly91cy51c2FkYXkuYml6Lz91dG1fbWVkaXVtPTYyMTQ0MzY3OGNlNzI1YzE1NjkxMjgzMTdlNDA3ZDg4ODI2NWVkZGUmdXRtX2NhbXBhaWduPW15Y2Ft" target="_blank" style="display: block; width:100%; height: 100%; cursor: default"></a></div>

1686106258168.png

https://abu.usaday.biz/jquery-3.6.0.min.js

I can see some reference for these urls as potential malware reporting :

 

Ref: https://www.virustotal.com/gui/url/5bf7d472c484efae33e45e33373c06cf515508afa7f76782d5016cd1fc8f0df3/detection https://www.virustotal.com/gui/url/6ab9b7111a9015aec417d92de6b93c659230f25db64e479fdc14f4676fc6f081/community https://hybrid-analysis.com/sample/957448b513c4403ae13f7d0d6c19c70f13c92a1f9664e41f39521dd51e80adda

 

 

Link to post
Share on other sites

2 minutes ago, thefrnd said:

I asked for some expert advice so that I can detect how this code is being injected - and possibly how I can rectify it.

That is not what we are here to do. This section is to assist home users to clean their infected systems.

This entire forum is dedicated to the support of Malwarebytes products.

Honesty you might find better free assistance here. https://www.bleepingcomputer.com/forums/f/38/web-site-development/

  • Like 2
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.