The ubiquitous Baidu promotion alliance code Trojan horse horse

woke up this morning, each routine check my website, found all my sites is linked to the horse, when I visit the computer antivirus software will alarm.

all my sites use different IP, different site procedures, is also linked to this case, really strange. Analysis, my site has access to cnzz, statistics, Baidu website, union advertising, Google, Adsense, these 3 kinds of code have this kind of code, so trojan is likely to come from here.

Google Adsense is my analysis, there is little possibility of the horse, so I am the first investigation of the other two. I first removed the code for cnzz access statistics on a web site, but there were still viruses that excluded access statistics. Then remove the Baidu alliance advertising code, the site will be no virus. Conclusion it is really unbelievable, that is, Baidu alliance code

is linked to the horse!

my "Tan net" is placed at the bottom of 4 Baidu alliance cooperation promotion advertising: anti-virus software, Symantec AntiVirus software, terminator registration, koowo. I take one by one test found that the virus code from AhnLab cooperative extension.

ad code file is (embrex watch URL file is placed on Baidu servers), open the file in the browser, Baidu antivirus software will alarm view the style1446.jsp file on the server page source code, find an embedded JS file.

The embedded

file is not a Trojan horse, it is a file embrex advertising products.

I will

the wm.js file to download to a local, use Notepad to open the code, found at the back of the file, after adding a lot of blank lines, and is embedded in a 1.htm file, this file is the bad guy hanging horse.

as of 24 7:30 in the morning, I submitted in this article, this trojan is not Baidu or embrex removal.

and I remind you of the horse, the behavior has violated the criminal law, is a serious criminal offence. Justice has long arms, if you have more sophisticated technology, one day will pay dearly for your behavior! Early to quit,

good for self-knowledge!

Leave a Reply

Your email address will not be published. Required fields are marked *