This year, there has been a large increase in the number of legitimate websites infected by a so-called “iframe” threat – a type of malicious script.
Several prominent websites have come under attack from hackers who have modified the underlying code so that malware can be distributed to unsuspecting users who visit the site. When a user visits an infected site, an invisible connection is established to a remote server, which can then attempt to install malware on the user’s computer. The intention could be to generate spam, or possibly something more sinister, such as stealing personal information e.g. bank account or credit card details.
In 2008, several high-profile websites were targeted, including USA Today, ABC News, Target and Wal-Mart and simply visiting one of these infected websites could have resulted in the user’s computer being infected. More recently, a number of websites have been detected by avast! as being infected by a malicious script called “HTML:Iframe-inf”. Among the websites affected are a number of Government sites in the US, including the United States Forest Service, the US International Trade Commission and the websites of several embassies around the world. Many popular travel and recreational websites have also been compromised.
avast! antivirus will detect and block access to any website that is infected by this threat and will display a warning that a virus has been detected. If avast! displays this warning, you should discontinue your attempt to connect to that particular website and either report the infection to the relevant party so that it can be removed, or post a message on the avast! forum in the section Viruses and Worms so that it can be investigated to determine whether the website is really infected. Do not ignore this warning, even if you believe the website to be a reputable one – the recent attacks prove that no websites are immune to infection.
Thanks to one of our regular forum users who reported the infection to the organization concerned, the website of the US International Trade Commission was quickly repaired and the infection removed, however, potentially, many more websites remain infected.
To minimize the risk of falling victim to such an attack from this, and other similar threats, it is essential that your antivirus software is kept up-to-date. We recommend that your avast! antivirus is set to update itself automatically, or alternatively, that you perform regular manual updates, ideally daily.