Skip to main content

Iframe attack

An IFrame (which isn't another Apple product - it stands for "inline frame") is just a way of loading one web page inside another, usually from a different server.

Malware writers can make the included page just one pixel square and obfuscate javascript which will run automatically.

Frame code would be inserted by hacking web servers, or adding it to banner advertisements.

Big websites often cache (store) the results of search queries run on their sites - say, the links for a search for "malware IFrame" - and then forward these to search engines such as Google, which can generate search results directly. Malware authors exploit the system by putting in a search query like "malware IFrame" plus all the malicious IFrame's text. If the site doesn't check search terms adequately for obfuscated Javascript, the IFrame data is stored and passed on. When someone then searches for "malware IFrame" and clicks a result, the attack is initiated directly from the search result, because the browser can read the obfuscated Javascript - even if you can't.

Malware distributors like this because they don't need to hack the server, and can use popular searches to benefit from the site's SEO (search engine optimisation) practices and get a high ranking at Google. The attack usually includes half a dozen "drive-by" exploits, and also uses "social engineering" to get users to install something else, such as a video codec that is actually a Trojan. (Source)

Comments

Bill Anderson said…
Adsense is just a big pain and just a little too smart to successfully exploit for long
http://office-phone-system-primer.blogspot.com/
Blogger said…
I'm using AVG protection for a couple of years now, and I'd recommend this product to all of you.
Blogger said…
Using EasyHits4U you can earn free advertising credits by viewing other website-ads from a account base of over 1,200,000 accounts. Earn advertising credits faster with a view for view model.
Blogger said…
BlueHost is definitely the best hosting provider for any hosting plans you might require.

Popular posts from this blog

How to Input Phonetic Symbols (IPA) in Google Docs

You can insert special characters by clicking "Insert" on the menu, then click the "Ω Special Characters", the choose "Latin" category from the drop-down menu, and then Phonetics (IPA) sub-category. Insert Special Characters in Google Docs There is a short-cut for inputting some IPA symbols which you use them frequently. Automatic Substitution in Google Docs similar to Auto Correct in MS Word. You can replace common acronyms, misspellings and other symbols. So you can set auto-replace for your IPA symbols, for example, "e<" for "ɛ", "o/" for "ø", "o>" for "ɔ" etc. Automatic Substitutions in Google Docs

Virgin Media Netgear Wireless Router Username and Password

As Virgin Media customer, if you find your wireless router is Netgear, then you may type the router's setup URL into a web browser address bar. http://192.168.0.1 is the default Netgear router IP address. http://192.168.1.1 will work for some Netgear models. Mine setup URL is http://192.168.1.1 . Then you are required to enter a username and password. If you haven't change the default setting, it is "virgin" and "password", you may find that on a label stuck on the router. This default username and password of Virgin Wireless router is different from that of the normal Netgear router. The default username of Netgear is admin and the password is either password or 1234. Then you open the configure interface, change the settings, such as change your DNS server to OpenDNS . For a normal Netgear router, if you forget the username and password, you can reset and restore the NETGEAR device to factory default settings. But I couldn't find any button on ...

Vodafone Router Configuration for Incoming Connection and other Services

This post is about specific Vodafone Home Broadband Router configuration for Incoming Connection and other service on your home computer. This is not a tutorial, and will not be going into details of the services and router configuaration, I just want to point out couple of points you need to pay attention to. 1. Port Forwarding. Vadafone Router has its own name for Port Forwarding, it's called Port Mapping under Port Management category.The picture below shows that I set up web server on my desktop, I map my local address on port 80; and I set up PPTP incoming connection by mapping local address on port 1723. Port Forwarding 2. Exposed Host. If you have set up Port Mapping, you still can't get what you want, then you have to put your device outside the Firewall, i.e. bypass Vodafone Connects (means Router) firewall, in a Demilitarised Zone (DMZ), using it's Exposted Host Function. Static NAT (Network Address Translation) means the Router will translate publi...