JS_IFRAME.FBA
JS/Iframe.W!tr (Fortinet), Mal/Iframe-W (Sophos)
Windows 2000, Windows XP, Windows Server 2003
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan may be hosted on a website and run when a user accesses the said website.
This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain IFRAME tag. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. It inserts an IFRAME tag that redirects users to certain URLs.
TECHNICAL DETAILS
3,639 bytes
HTML, HTM
19 Jul 2012
Arrival Details
This Trojan may be hosted on a website and run when a user accesses the said website.
Other Details
This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain IFRAME tag.
Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL.
It inserts an IFRAME tag that redirects users to the following URLs:
- http://{BLOCKED}lalala123.co.cc/main.php?page=4f7377f400e2e2b1