Over the last few days, we’ve seen a number of sites getting hacked with a malware script pointing to http://alisa-carter.com/ur.php . It is done using the same SQL injection attack as used in therobint-us mass infection a few months ago.
Multiple domains are being used to distribute the malware, including:
All of them hosted at 220.127.116.11. Google already blacklisted more than 500 sites due to this infection, and the number is growing:
Has this site hosted malware?
Yes, this site has hosted malicious software over the past 90 days. It infected 503 domain(s), including jtjy.com/, hectorandstreak.com/, kpic.or.kr/.
If you have any questions or need help cleaning it up, let us know. If you need immediate clean up assistance, visit our Sign Up page.