India's Rajasthan State Co-operative Marketing Federation Ltd (https://rajfed.gov.in/) has been infected with a malicious script tag. This government site promotes the objectives of procuring agricultural produce from farmers through the member societies on support prices declared by the Govt. of India. Here is the home page of this site:
The Hacker News

The malicious script has been injected at the bottom of this page. Here is the screenshot of source page,
The Hacker News

Below, you can see a decoded version of the script using Malzilla. ( https://malzilla.sourceforge.net/ )

The Hacker News


The decoded script tag leads to JavaScript from "hxxp://cs.cskick.cn/cs/sc.js". Currently, this malicious site is down. A quick Google search for this domain shows that it has been involved with malicious activity in the past. Trend Micro has issued a report for a separate threat hosted at that same domain.

Submitted by : Umesh

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.