JS_IFRAME.SMJJ
Trojan:JS/Iframe.BT(Microsoft), JS/Iframe.FS trojan(Eset)
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
Threat Type: Trojan
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This Trojan may be hosted on a website and run when a user accesses the said website.
This is the Trend Micro detection for files that contain malicious IFRAME tags. Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL. It redirects browsers to certain sites.
TECHNICAL DETAILS
Arrival Details
This Trojan may be hosted on a website and run when a user accesses the said website.
Other Details
This is the Trend Micro detection for files that contain malicious IFRAME tags.
Once a user visits an affected Web page, this HTML script launches a hidden IFRAME that connects to a malicious URL.
It redirects browsers to the following sites:
- http://{BLOCKED}.{BLOCKED}.143.237/images/hg728x90.swf?clickTAG=http://secure.hostgator.com/cgi-bin/affiliates/clickthru.cgi?id=page404
- http://{BLOCKED}-alles.net/
- http://{BLOCKED}eup.info/defaultsite
- http://{BLOCKED}eup.info/stats.php
- http://{BLOCKED}lolo.net/demo/single/counter.php?sid=1
- http://www.{BLOCKED}ssonline.de
- http://www.{BLOCKED}-berlin.de