"gwProxy" Code: Legitimate or malicious?

A "gwProxy" code has been recently detected in some blogs and websites. Try to search it in Google and a number of websites with evident signs will be discovered. In Blogger, this code is not seen when in Compose mode but appears when the Edit Html method is used. The alarming part is that no one anywhere has confirmed whether or not it is legitimate.

The code we are referring to looks like the following:
<input id="gwProxy" type="hidden"><!--Session data--><input onclick="jsCall();" id="jsProxy" type="hidden"><div id="refHTML"></div>
If you have encountered this code, kindly leave a comment so we can probably discuss it. We would like to know the answers to a few fundamental questions, as follows:

1. Is it a new feature from Blogger or a widget?
2. Is it a legitimate code or a malicious one?
3. Is it a new virus or a spyware?
4. Is it browser based?

We will conduct a research, for educational purposes, and hopefully come up with a finding. As it is deemed vital, any comment pertinent to this code is encouraged.

Screenshot:
gwProxy code
Update: 12/23/09

This blog since posted on May 2, 2009 is getting good responses. And I think everyone will agree that disabling/uninstalling the firefox Browser Highlighter plugin resolves this issue.

Thanks guys for your inputs. Happy holidays!

Enter your email address to receive the latest news daily!

Subscribe via reader

Posted by: Coolbuster on Saturday, May 02, 2009
Tags: , ,
News & Journalism - Top Blogs Philippines
Blog Buzzer

  © 2012 Coolbuster Profile Blogger Archive Disclaimer Disclosure Privacy Policy Theme Contact Us