Exploit:HTML/IframeRef.AI

Exploit:HTML/IframeRef.AI is a specially formed IFrame tag that references a remote website that contains other malicious content, for example a malicious JavaScript that executes an exploit for a specific vulnerability.

Installation

An IFrame is a valid HTML element, which allows content from a separate page or website to be embedded into other pages. The rendered IFrame is created with attributes that make the IFrame not visible. This exploit requires that a user view or visit the affected websites for the redirection to occur. Exploit:HTML/IframeRef is often found in obfuscated scripts or HTML pages of affected websites.

This malicious script is encountered when viewing a web page that contains the script. When opened within a web browser, it attempts to access other websites via a hidden IFrame. This variant attempts to access the site "77.221.133.172" however at the time of this writing, the requested URL was unavailable for analysis.

Analysis by Chris Stubbs