If you have been reading my articles on combating malicious iframe injections, you will have noticed that these malicious iframes have a basic configuration as shown below:
<iframe src='http://url/' width='1' height='1' style='visibility: hidden;'></iframe>
They have this configuration so that hackers can hide these unwanted iframes by making them invisible. The iframe is created with a width and height of 1 pixel, so visually it is just a point. They also specify a style that makes it invisible: style='visibility: hidden;'
These iframes are invisible to web surfers but they can be detected in the HTML code of your web page.
Let us take the previous malicious iframe example and pack it. It would look like the following:
If you look at the above code, it is hard to see if it is malicious or not. You will notice some words that appear suspicious, but may not be. Sometimes you may not see any suspicious text at all.
What you need to do is to unpack this compressed code when you are unsure whether the scripts being loaded are malicious or not.
One site you can visit to unpack these compressed codes is at:
Simply copy the complete code, eval(function........), and paste it into the upper box. Click on the "Unpack" button. The final result will be shown in the second box and should be the actual code, now completely readable. Once the code is readable, determine whether it is actually malicious before you delete it.
To hide malicious code, hackers sometimes encode their scripts multiple times, so that even if you execute such a script you'll get just another obfuscated or compressed script. The malicious script decodes itself and creates another encoded script which in turn creates another hidden malicious iframe.
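As an added example (not code from the original article), the Python sketch below scans a page's HTML for the two signs described above: an iframe that is 1 pixel in size or styled visibility: hidden, and a script wrapped in eval(function...). The sample page, the function and class names and the video.example URL are constructed for illustration; findings are candidates for review, not proof of malice.

```python
import re
from html.parser import HTMLParser

# The article's two tells: a hidden/1-pixel iframe and an eval(function...) wrapper.
PACKED_RE = re.compile(r"eval\s*\(\s*function\s*\(")
HIDDEN_RE = re.compile(r"visibility\s*:\s*hidden", re.I)

# Constructed sample: a legitimate embed, a hidden iframe, an inert packed stub, a plain script.
SAMPLE = """<iframe src="https://video.example/embed/42" width="560" height="315"></iframe>
<iframe src='http://url/' width='1' height='1' style='visibility: hidden;'></iframe>
<script>eval(function(p,a,c,k,e,d){return p}('0 1',2,2,'x|y'.split('|'),0,{}))</script>
<script>var total = 1 + 1;</script>"""

def _tiny(value):
    """True when a width/height attribute is 0 or 1 pixel ('1', '1px')."""
    m = re.fullmatch(r"\s*(\d+)\s*(px)?\s*", value or "", re.I)
    return bool(m) and int(m.group(1)) <= 1

class PageAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []   # (line, kind, detail)
        self._script = None  # text chunks collected while inside <script>

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "iframe":
            tiny = _tiny(a.get("width")) and _tiny(a.get("height"))
            hidden = bool(HIDDEN_RE.search(a.get("style", "")))
            if tiny or hidden:
                self.findings.append((self.getpos()[0], "hidden-iframe", a.get("src", "")))
        elif tag == "script":
            self._script, self._line = [], self.getpos()[0]

    def handle_data(self, data):
        if self._script is not None:
            self._script.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._script is not None:
            if PACKED_RE.search("".join(self._script)):
                self.findings.append((self._line, "packed-script", "eval(function wrapper"))
            self._script = None

def audit(html):
    """Return (line, kind, detail) tuples for iframes and scripts worth a manual look."""
    parser = PageAudit()
    parser.feed(html)
    parser.close()
    return parser.findings
```

Calling audit(SAMPLE) reports the hidden iframe and the packed script with their line numbers and leaves the normal embed and the plain script alone. It only inspects the HTML as served, so an iframe that a packed script creates at run time shows up here as the packed script, not as an iframe.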
The battle against malicious iframe injections is a constant battle. For more information you can visit:
It is also important to remember that not all iframes are bad. Before you remove a suspected iframe, make sure it is not relevant to your web page. If you are not certain, download a copy of the web page before you do any deleting, just to be sure.
Joseph Schembri has written many ebooks that are practical, easy, but thorough with step by step advice on website security protection and internet niche marketing. They are written in a language that you can understand with all the extra nice to have stuff stripped away.