Updated: December 30, 2010

The umniktds.ws malware places code and an additional file on website that causes the websites to intermittently redirect to malware. Code is placed in .php files which, when the file is requested in requests another file placed on the website, most often named style.css.php or copper.php, that contains the code that causes the redirect. The folder containing the style.css.php file will also contain other files used in the hack. The malware has so far caused websites to redirect to umniktds.ws, smarttds.ws, or razumtds.ws. We have contaced the domain name register and hoster of the websites about the issue.

Recent Code placed in .php files:

Recent Code placed in style.css.php files:

Related:

Service

• Website Malware Removal

Resources

• Request a Malware Review from Google
• Request a Malware Review from Yahoo
• Request a Malware Review from Bing
• Set Up a Google Malware Warning Email Alert
• Cross-Site Malware Warning
• Unobfuscate JavaScript Malware