Javascript in blog comment submissions

I have had a problem with blog comment submissions to our site. Something is adding in this code with javascript tags: if(typeof(dstb)!= "undefined"){ dstb();}  
If I search the web I find it in many forum type submissions - but no description of what it is or any reference  to it as a virus/worm problem.
 I can't find it in any source code that our site is using. It might be associated with pasting Word code into a textarea box in IE8, but that is just a guess.
Does anyone recognize what it is?

<script type="javascript">if(typeof(dstb)!= "undefined"){ dstb();}  </javascript>

Open in new window

asaworkerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Shalom CarmelCTOCommented:
I an not 100% sure what code the dstb object includes, but it looks like phase II of an attack on your blog.
dstb is probably part of the infection package, and this javascript will trigger it if it has infected your web site.

you should scrub all submissions to your blogs and forums for malicious content like this. At the very least, upgrade your blog software to the latest versions regularly, because all active blogs and forums packages are regularly maintained to protect against such attacks.

If you use apache and control your own server, set up mod_security. If you are in a shared environment, ask your ISP if mod_security is installed and enabled.

ShalomC
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
asaworkerAuthor Commented:
It turns out we have a user internally who uses our web-based portal to access out forms. That web-based portal adds that into everything, even e-mails if you view the body.
0
Shalom CarmelCTOCommented:
:)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Development

From novice to tech pro — start learning today.