Blog Posts Tagged with "iFrame Injection"


Thousands of Sites Hacked with Plesk Zero Day Exploit

July 10, 2012 Added by:Headlines

"What is interesting is that most of our clients always used to be using CMSs (like WordPress, Joomla, etc), but lately we are seeing such a large number of just plain HTML sites getting compromised and when we look deeper, they are always using Plesk..."

Comments  (0)


Symantec: Blackhole Exploit Kit Upgrade Revealed

July 03, 2012 Added by:Headlines

"The Blackhole JavaScript code on compromised sites now dynamically generates pseudo-random domains, based on the date and other information, and then creates an iframe pointing to the generated domain... The code then creates a hidden iframe, using the previously-generated domain as the source..."

Comments  (0)


Symantec: Internet Explorer Zero-Day Exploit in the Wild

June 18, 2012 Added by:Headlines

"While the exploit used in this attack has been referred to as being a zero-day due to reports of it being seen in the wild before the recent Security Bulletin Summary, zero-days are not commonly observed in attacks... this begs the question: will we see more zero-days being used in similar attacks?"

Comments  (0)


Following the Trail of Web-Based Malware

December 15, 2011 Added by:Mark Baldwin

The main.php script contained javascript that attempted to exploit several potential vulnerabilities. I downloaded the script and analyzed it. By inserting an “alert” statement into the script prior to the actual execution of the code, we can get a good idea of what the script does...

Comments  (0)

69dafe8b58066478aea48f3d0f384820 Spreading Malware via Invisible iFrame

May 18, 2011 Added by:Headlines

The main page of the site - including the "Homepage" and the "About Us" section - contain an invisible iframe with JavaScript downloaded from sites contaminated by a custom set of exploits. The malicious code attempts to take advantage of vulnerabilities on the end user’s machine...

Comments  (1)


IBM's DeveloperWorks Website Hacked

January 12, 2011 Added by:Headlines

IBM's DeveloperWorks website was breached by hackers over the weekend. The messages left by the hacker(s) read: "Defaced by Hmei7," and, "You have been Hacked !!!, not because of your stupidity That's because we love you, and we want to warn you That your web still has large of vulnerability."

Comments  (0)


Java Applet Distributes Trojan via Downloader Injection

December 31, 2010 Added by:Headlines

More than two-thousand weblinks direct users to domains that can inject malicious code by way of a Java downloader applet. The code is contained in the HTML of the infected sites, and infects the visitor's computers with a hidden iFrame containing a JavaScript function...

Comments  (1)


Ligatt Site Still Vulnerable to Basic Code Injections

October 07, 2010 Added by:K S Abhiraj

The iframe injection is a kind of injection of one or more iframe tags into a page's content. The iframe can typically do many malicious things, such as downloading an executable application that containing malware which may directly compromise a visitor's system...

Comments  (2)