More Fake jQuery sites –

We keep seeing fake jQuery sites popping up and being used to distributemalware. One was, other was and the new oneis (

And this new one seems to be affecting many web sites in the last few days. All of them have the following on their header or index.php files: = "httx://"

Which redirects any visitor to the web site to where it is then sent to other random spammy domains (seems like a TDS is in place).

Update:We are also seeing some sites with this javascript file being included:, which just redirects back to via the same in javascript.

*Note that the domain was just registered (20-nov-2012), so it is not being flagged anywhere.

**The official jquery sites are or Other variations are likely fake.

Leave a Reply