Trojan.Iframe.[variant], Trojan.JS.Iframe.[variant]


This detection identifies malicious JavaScript code that has been added to an inline frame, or iframe, contained on a webpage. When the user opens the page in a web browser, the code is automatically run.


Automatic action

Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.

Find out more

Knowledge Base

Find the latest advice in our Community Knowledge Base.

User Guide

See the user guide for your product on the Help Center.

Contact Support

Chat with or call an expert for help.

Submit a sample

Submit a file or URL for further analysis.

Technical Details

Iframes are typically used to display the content of one web page on another page. Though useful in many legitimate contexts, the iframe functionality can be misused by attackers to insert malicious code hidden in the iframe tags into a target page for eventual display in a user's web browser, which will automatically execute the embedded code.

The malicious JavaScript code may be inserted on a page next to legitimate JavaScript code, making it more difficult for a user to differentiate the two and increasing the chances that the malicious behavior will be masked.

Once executed, the malicious JavaScript code can perform a variety of actions - most commonly, either redirecting the browser to unsolicited sites, displaying unsolicited content, or silently downloading other files onto the user's machine.

Date Created: -

Date Last Modified: -