Home Testimonials Company Support 1–888–873–0817
Home Notes Malware Signatures About

Malware entry: MW:IFRAME:HD203


Javascript encoded to hide an iframe from multiple sources. Including:

This is used to load malware from external web sites while not being visible to the user. It is also known as Trojan.JS.Iframe on different anti virus products.

Also related to this malware: http://sucuri.net/malware-injection-sidename-js.html (that generates the Blackhole exploit alert on some AVs).


Any web site

Clean up:

This malware is generally hidden on .js or .php files with heavy encoding. Searching/replacing what the scanner identified should fix it. If not, contact our support team for help.


Malware dump (sample of malware):

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb