SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. mw-iframe-fakejquery

mw-iframe-fakejquery

Description: A suspicious iframe (malframe) was identified on the site. It tries to hide (pass) as a valid jquery code to make it hard to detect.

Very common injection during 2013 Jun/Jul. Some domains being used in the injection:


http://a3tvdzh114.servepics.com/jquery/get.php?ver=jquery.latest.js
http://t4h77y7.serveftp.com/jquery/get.php?ver=jquery.latest.js
.. a few more..

Those are often used to redirect the browser to SEO spam sites via a TDS. .

Affecting: Any web site (no specific target).

Clean up: Nothing specific.

Last update: 2013/Jul

Malware dump: