Javascript injection detected by Kaspersky but not Bitdefender, I would like to submit it

Hi,

We had an intrusion in our website throught our cms (not sure for now) and a javascript code was injected into the head element of all page to get user data and cookies, our clients/visitors with the Kaspersky protection alerted us with this reference from Kaspersky:

I found the script an removed it.

On my Macbook pro I have the Bitdefender Endpoint protection that our enterprise bought for the devices that employees use (on my advice). At home, I'm protected with the Internet protection (proud client since ~15 years) ans I a bit surprise that none of them detected the problem on our website.

So I would like to submit the script to Bitdenfender so they can add it to their detection library.

I already made a submission here:

https://www.bitdefender.com/consumer/support/answer/29358/

but there was no place to explain exactly what happen and I had to submit the javascript as a file because it was removed from the website, so I decided to add this information here.

I would be interesseted to get feedback on tha validity of the script because I'm a developper and I'm not sure this code can really hurt as I don't find how it send the data (but it is obfuscated and parsed with hexadecimal value so it is hard to read, I can share if anyone is interested).

Thank you

Comments

Featured content

bitdefender review banner

Romance Fraudster in UK to Spend 2 Years Behind Bars

A serial romance fraudster was sentenced to 28 months in prison for conning several women out of £20,000.

Read more
bitdefender review banner

Europol Shuts Down Hackers’ Favorite VPN Service

Europol earlier this week coordinated joint action to take down VPNLab.net.

Read more
bitdefender review banner

Top Five Security Tips for Mac Users in 2022

In this simple guide, we look at five basic cybersecurity hygiene practices every Mac user should read, and use,in 2022.

Read more