Exploited Websites Serving Links To The BlackHole Exploit Kit

The following list of websites have been compromised by means of vulnerable, exploitable software which was installed by their owners, or Webmasters, but not updated when patches for certain vulnerabilities were released.

I don't have time to follow-up on the status of all of these URLs. Therefore, although a domain on the list was compromised when I added it, the owners may have cleaned and secured it by the time you read this (or it may have been taken offline).

On the other hand, if you arrived here because you saw your website listed as compromised in a search result, or someone told you about it, you probably have a lot of cleanup and security work to do. Your server, or website was compromised by hackers, by means of some exploitable software installed by you, or your Webmaster, or your web host.

I am not going to advise you about particulars, other than to recommend that you try the Qualys Vulnerability Assessment Scanner service on all of your registered websites. You will need to contact your web hosting company's support department, or hire a professional PHP software troubleshooter to find out how you got hacked. Not only must the infected files and folders be removed, but the vulnerable software that allowed it in must be patched, or replaced with something more up to date and not vulnerable to those common exploits.

If you need your nose pointed in the right direction, use my search box below to "find and fix php vulnerabilities."

Search Google for "find and fix php vulnerabilities" (opens in new page/tab)

These domains were recently used in links in email scams leading to the BlackHole Exploit Kit.

If you own a domain on this list and have cleaned up the hostile codes and secured your software and scripts, please contact me to have your domain removed from the list.

Listings last cleaned and updated on Saturday, 09-Nov-2019 00:14:48 CST

WARNING: I have replaced http with h**p in the list of compromised websites below. These URLs are dangerous to visit with JavaScript enabled! They have JavaScript includes that redirect browsers to BlackHole Exploit Kit servers, or actually are hosting the exploit code directly on the listed landing pages.

Link used in email malware link scam on July 6, 2012, and still active as of 5/21/2013!

h**p://playersink.com/hqpLNa8Y/index.html (report filed with web host)
This site has JavaScript redirector files leading to a BlackHole Exploit Kit (report filed)

Created on ... May 17, 2012. Last updated on: Saturday, 09-Nov-2019 00:14:48 CST

Created and maintained by Wiz Feinberg - "Wizcrafts Computer Services"
Please send any inquiries or problem reports to the Webmaster.