Security researchers at Web security services vendor ScanSafe have tracked a successful IFrame attack infecting nearly 55,000 website pages with code that infects victim machines with a Trojan downloader that installs a potent mixture of malware.
Mary Landesman, a senior security researcher at ScanSafe, said the IFrame is responsible for loading additional exploits and malware from up to seven different malware domains.
A Google search on the iframe script tag resulted in 54,900 hits. Victim sites include www.feedzilla.com, latindiscover.com, and a number of charitable and nursing facilities, including howellcarecenter.com, sweetgrassvillagealf.com, www.foodsresourcebank.org, and morningsideassistedliving.com.
Last year, security researchers believed the Russian Business Network (RBN) was involved with a scam that corrupts hundreds of thousands of Web sites with IFrame redirects