I was surprised to read last week a news story from avast, warning about the increase of websites infected with the iframe tag or thread.
In the story they mentioned that high visibility sites like USA Today, ABC News, and Wal-Mart were affected.
This happened to one of my sites not long ago. Thanks to avast, I found about it quickly. I have outsourced a site for one of my customers, and asked the freelancer to load the site. After he was done, I went to take a look. Suddenly the popular avast alarm sound started and a panel showed a warning me about the web page.
I was surprised, specially that other pages of the same site were fine for avast.
I quickly went back to look at the site source, and sure enough…, I found the iframe tag in the page source close to the bottom of the web page.
It had code referencing another site, that could have caused damage to my laptop without even me noticing where it came from. I quickly removed it and that was it.
I guess what happened is that the freelancer had a malware or spyware on his laptop, and it inserted the iframe tag in the page while ftp’ing the files to the server. Lesson learned: Don’t let anyone update your files for you.
iframe tags are legitimate html tags that allows you see other site’s content in your own web pages. Unfortunately, they could be used to harm you in many other ways.
To minimize the risk to your laptop, make sure you always have your antivirus software running and up-to-date on your computer. To learn more, click here to read the entire story from avast.