Description: A malicious iframe was identified and hidden inside some javascript obfuscation. It is used to push malware to anyone that visits the compromised site and to make it harder to detect.
Not very common type of malware. Some URLs:
http://ad-d-to.com.br.ms:81/rem2.htm
http://orcasp.com.br/43745180.html
.. a few more..
Those are often used to redirect the browser of exploit kits (Blackhole 2.0 and Phoenix).
Affecting: Any web site (no specific target).
Clean up: Nothing specific.
Last update: Sep/2012
Malware dump: