Be careful while including jQuery libraries in your website. Security researchers at Sucuri come across a fake jquery website(jQuerys.org) that serves redirection to malware sites. Did you notice 's' at the end of domain name?
If you click on the domain, it does a simple redirect to the correct jQuery website – jquery.com. But it hosts fake jQuery libraries.
The fake jQuery script (www.jquerys.org/class/jquery-1.6.3.min.js) may look fairly legit. After analyzing the code, researchers found a code that loads the malicious websites.
"Ultimately the fake jQuery script loads a window that pops up the www.watchliveonline.org website. From some quick research we could see that this is nothing new, it has been active for over a month. The ultimate risk from what we could tell is the pop up leads you to a spammy site, no payload or other issues were found at time of analysis." Researchers wrote.
Security Tips:
- Check your jQuery includes to make sure they are are from a legit source. If they are coming from jquerys.com, remove it immediately.
- Scan your site with Sucuri SiteCheck.
