SiteCheck Signatures

  1. Home
  2. Docs
  3. SiteCheck Signatures
  4. mwjs-iframe-injected509


Description: A Remote and malicious iframe was identified. It uses CSS to hide the iframe from anyone visiting the site.

This is a very common malware infecting thousands of sites (Aug 2012). Some of the domains being used:

Those links lead to multiple exploit kits affecting desktop (Windows) users.

Affecting: Any web site (no specific target).

Clean up: Malware is hidden at the index.php or index.html files.

Malware dump: