GoFuckYourself.com - Adult Webmaster Forum - Is this installing trojans?

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)

- Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)

- - Is this installing trojans? (https://gfy.com/showthread.php?t=714575)

Dood	03-14-2007 10:30 AM

Is this installing trojans?

Found this in the head of a site but nothing else on the page looks suspicious.

Wonder what it's for?

Code:

<script language="javascript" src="BKDR_DARKFTP.exe.js"></script>

<link rel="stylesheet" type="text/css" href="Troj_Garlic.0.exe.css" />

Quickdraw

03-14-2007 10:35 AM

Doesn't look promising.

http://www.pestpatrol.com/spywarecen...t.aspx?id=1495
http://www.trendmicro.com/vinfo/viru...=TROJ_GARLIC.B

Vick!

03-14-2007 12:57 PM

Can not be said anything unless we could see the content of BKDR_DARKFTP.exe.js

Name seems suspicious though, but I think its OK, the coder seems to have habit of such naming. Look at the name of style sheet.

Gaybucks

03-14-2007 04:58 PM

Looks like it's malware.

http://origin.trendmicro.com/vinfo/v...FTP.16&VSect=T

StarkReality

03-14-2007 05:05 PM

My guess: It's just a normal script that doesn't do any harm and the coder named it like a trojan. It's too obvious for a real trojan, this guy probably thinks this way noone wants to steal his JS...

Dood	03-14-2007 11:23 PM

Yeah I asked the guy and he said he named it that to keep anyone from stealing his code.

I guess it would be dumb to so obviously use those names if you're really trying to install trojans or something malicous. That would be like a lawyer naming his office "We'll screw you over" or an affiliate program saying "We only skim a small percentage of your sales".

All times are GMT -7. The time now is 08:24 AM.