First a definition: An inline frame (iframe) is used to embed another document within the current HTML document.
Why is it used by the "bad guys"? Because as the definition implies, it allows you to insert another document inside the current HTML page. And the attackers use that feature to insert malicious content into the compromised sites (to redirect to spam, exploit kits, Fake AV, phishing, etc).
Iframes can be injected and hidden in different ways inside web sites, but this is how it looks to the web browser (if you use view-source):