TrendLabs Malware Blog
Glossary
TrendWatch
TrendLabs Twitter
HTML_IFRAME.CV
Overview
Solution

Malware type: Html

Aliases: Trojan-Clicker.HTML.IFrame.ab (Kaspersky), Exploit-IFrame (McAfee), Downloader (Symantec), HTML/IFrame.FileDownload (Avira), Mal/Psyme-E (Sophos),

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Overall risk rating:

Reported infections:

Damage potential:

 High

Distribution potential:

 Medium

Description: 

To get a one-glance comprehensive view of the behavior of this malware, refer to the Behavior Diagram shown below.

HTML_IFRAME.CV Behavior Diagram

Malware Overview

This is the Trend Micro detection for Web pages that were compromised through the insertion of a certain iFrame tag. As of this writing, the affected Web pages are adult sites.

Once an unsuspecting user visits an affected Web page, this HTML iFrame connects to the Web page http://{BLOCKED}crogger.ws/flash/index.php to download a malicious JavaScript. Trend Micro detects this JavaScript as JS_DLOADER.NUF. As a result, routines of the downloaded script are also exhibited on the affected system.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jun. 22, 2007 5:41:32 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.