iframe injection attack HOME
HOME › Articles

iFrame virus

How does an iFrame virus infect your website?

If your website or blog has been infected by an iframe virus and flagged by Google as a site that "may harm your computer", you'll be wondering how the heck it happened.

N.B. This article does not delve into the steps required to remove an iFrame virus. If you just want to go straight to the iframe virus fix, click here:
How to remove a malicious iFrame virus

Google will place a warning flag against your site in its search results if Google's automated web crawler is attacked by malware, spyware or viruses when it visits your website. Google does this to help protect web users by steering them away from malicious pages.

Google is not out to punish or penalise you, and knows the vast majority of webmasters don't put an iframe virus into their website on purpose... and that you probably didn't either. It's just that they don't want to send their customers to dangerous websites and need you to fix your site before they start referring visitors again.

So how did that iframe virus manage to infect your website? Here are the four most common reasons for websites to be flagged by Google...

  1. Your site got hacked. This is the most likely reason your website was flagged. If a hacker can trick your server into allowing him to modify your website's files, he can insert some iframe virus code into your web pages or database tables, alter your .htaccess file or your JavaScript or HTML code. The result is that your site will automatically redirect visitors to a malicious website, often without them even knowing it.
  2. Somebody else's site got hacked and it is affecting your site's content. If your site contains a legitimate iframe or JavaScript that is pulled into a visitor's browser from the other website, or PHP code from the other website that is included into your pages before being served to your visitors, and the other website gets hacked, your pages can become malicious. If the content that the other site was supposed to be sending out (e.g. advertisements, news feeds, hit counters, etc) is replaced by a virus, spyware or other malware, your site is effectively dishing out this nasty stuff. Whenever you use content from other websites on your website, you are wholly reliant on them to remain clean.
  3. Your website triggers the loading of Flash .swf files coded maliciously or that are out of date and exploitable. Flash advertisements are common culprits.
  4. Your site links to a website infected with badware. This used to be a common reason for getting the Google flag. It's worthwhile checking your links to ensure you're not linking to harmful sites, or to a site that was legitimate but got hacked and has since turned malicious.

PandaLabs recently said that 57,000 booby-trapped sites go live every week!

Google is doing what it can to alert users about harmful sites, but trying to keep up with the avalanche of new websites being created by hackers every day is a real challenge.

» How to remove a malicious iFrame injection attack from your WordPress blog

HOME › Articles

 

All content copyright © 2010 Evolve Marketing Ltd. All rights reserved.