I received a call from a client regarding malware on his customer’s website. It redirects to http:// stecdon . ru/ and displays the fake “your computer has been infected” page that resembles a security software.
I have yet been able to contact the owner of the website regarding the malware.
I’ll post more details when I have it.
UPDATE:
The same infected site redirests to:
- tropas dot ru
- stecdon dot ru
90403
Were you using Joomla ?
It’s not mine. But this particular site is not using Joomla.
The hack is in the .htaccess file.