India’s Rajasthan State Co-operative Marketing Federation Ltd (http://rajfed.gov.in/) has been infected with a malicious script tag. This government site promotes the objectives of procuring agricultural produce from farmers through the member societies on support prices declared by the Govt. of India. Here is the home page of this site:

The malicious script has been injected at the bottom of this page. Here is the screenshot of source page,

Below, you can see a decoded version of the script using Malzilla. ( http://malzilla.sourceforge.net/ )



The decoded script tag leads to JavaScript from “hxxp://cs.cskick.cn/cs/sc.js”. Currently, this malicious site is down. A quick Google search for this domain shows that it has been involved with malicious activity in the past. Trend Micro has issued a report for a separate threat hosted at that same domain.

Submitted by : Umesh

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.