Hi everybody,
Here is what we found in our database
<script = www.bad name.ru /somejsfile.js>
in some fields. If you try to go to this site (as I decided to check), they immediatelly try to execute some virus.
We're not yet sure of the scope of the problem. This particular page with the fields having this info used parameters for update.
I'm guessing when information is retrieved and if this script is actually executed, it may cause a lot of damage. We're cleaning our tables in the meantime.
Thanks.
The bad name is 3njx.ru Just in case I decided to change it here to bad name .
If it's not broken, fix it until it is.
My Blog