iframe

HTML element to embed one site into another

An iframe is an HTML element that can be used to embed the contents of one website into another. The embedded website can live on the same domain as the main site, or on an entirely different one. Many legitime websites use iframes and they have become popular with the growth of Ajax applications.

Iframes are also frequently used by malware authors to spread their malicious programs. By including an iframe of tiny dimensions into a hacked website, or one that the user is lured to visit using social engineering, they can allow the browser to visit a malware-serving website without the user realising. See also drive-by download.

Related news articles

More 'trusted sites' carrying iframe danger

Big wave of website infections could affect tens of thousands of sites, Trend Micro latest victim.

14 March 2008

  see all related news stories

Poll

Will taking client-side security 'into the cloud' provide better security for the end user?
Yes
No
I don't know

Leave a comment
View 1 comment
Jobs Recruit Sidebar

VB100 certification

VB100 VB's testing team put 24 anti-malware products to the test on the server version of Microsoft's latest iteration of the Windows platform: Windows Server 2008. John Hawes has all the details on which products managed to secure a VB100 award and which need have a little more work to do.
See full results.
Virus Bulletin currently has 142,708 registered users.