SiteCheck Signatures

  1. Home
  2. SiteCheck Signatures
  3. mwjs-iframe-injected501


Description: A Remote and malicious iframe was identified. It is used to load malware from external web sites. Some details here:New Web Malware Attacks Using .Ru/In.CGI?16 and here: Distributed Malware Network Outbreak Using Stats.php.

This is a very common malware infecting thousands of sites (Jun/Jul 2012). Some of the domains being used:

Those links lead to multiple exploit kits affecting desktop (Windows) users.

Affecting: Any web site (no specific target).

Clean up: Malware is hidden at the index.php or index.html files.

Malware dump: