Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Malware entry: MW:JS:IFRAME:DOCUMENT-WRITE3

Description: A suspicious iframe was identified in the site. It it used to load malware from external PHP files in an attempt to infect anyone visiting the compromised site. The iframe is also hidden via javascript.

This is done to hide the original URL and make it harder for scanners to identify the malware.

Not very common type of malware. Some URLs:



Those are often used to redirect the browser of anyone visiting the site to Fake AV (anti virus). However, since this is a generic rule, the malware can change from site to site.

Affecting: Any web site (no specific target).

Clean up: Nothing specific.

Last update: 2013/Feb

Malware dump:

For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb