SiteCheck Signatures

  1. Home
  2. Signatures
  3. SiteCheck Signatures
  4. mwjs-iframe-injected509

mwjs-iframe-injected509

Description: A Remote and malicious iframe was identified. It uses CSS to hide the iframe from anyone visiting the site.

This is a very common malware infecting thousands of sites (Aug 2012). Some of the domains being used:


http://wielerclinics.nl/32864443.html

Those links lead to multiple exploit kits affecting desktop (Windows) users.

Affecting: Any web site (no specific target).

Clean up: Malware is hidden at the index.php or index.html files.

Malware dump: