Description: Javascript encoded used to hide an iframe.
It uses javascript to read an encoded text from inside the html page. Once
decoded, it loads a malicious iframe to the site visitor.
Domains used to host the malware:
http://moshonken.com (and many others)
Affecting: Any web site (no specific target)
Malware sample: