SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwiframehd39

malware-entry-mwiframehd39

Description: Javascript encoded used to hide an iframe.

It uses javascript to read an encoded text from inside the html page. Once
decoded, it loads a malicious iframe to the site visitor.

Domains used to host the malware:
http://mykasker.com (and many others)

Affecting: OpenX ad servers.

Malware sample: