Malware Signatures

  1. Home
  2. Malware Signatures
  3. js.spam-seo.iframe-doorway.001


This script can be found on doorway pages created by hackers. It creates a full window size iframe that loads a third party site (e.g. some e-commerce site that spammers promote).
Variant of iframe-doorways.


Any type of site.


You should remove the doorway files. Usually there is also some infected PHP files that make doorways work differently for bots and human visitors. You can contact Sucuri to help you with the infection removal.


<script>var IN1=window["x64x6fx63x75x6dx65x6ex74"]["x67x65x74x45x6cx65x6dx65x6ex74x42x79x49x64"]("x62x6fx64x79");IN1["x73x74x79x6cx65"]["x76x69x73x69x62x69x6cx69x74x79"]="x76x69x73x69x62x6cx65";IN1["x69x6ex6ex65x72x48x54x4dx4c"]="x3cx69x66x72x61x6dx65 x66x72x61x6dx65...this part may vary...x2Fx3E";</script>