Description: Javascript encoded used to hide an iframe.
It uses javascript to read an encoded text from inside the html page. Once
decoded, it loads a malicious iframe to the site visitor.
Domains used to host the malware:
http://mykasker.com (and many others)
Affecting: OpenX ad servers.
Malware sample: