Invisible iFrame drive-by malware attacks explained [VIDEO]

Graham Cluley
Graham Cluley
@[email protected]

FrameiFrames and script tags are being used by malicious hackers to serve up drive-by internet attacks, silently and invisibly.

iFrames allow webmasters to embed the content of one webpage into another, seamlessly.

There are legitimate reasons why some websites may want to do that – but what cybercriminals do is exploit the functionality (presumably they have been able to gain write access to the website) to deliver malware such as fake anti-virus or a PDF vulnerability exploit to infect your computer.

What’s sneaky is that malicious hackers can make the embedded content invisible to the naked eye, by making the window zero by zero pixels in size. You can’t see the threat, but your web browser is still dragging it down.

Sign up to our free newsletter.
Security news, advice, and tips.

Check out the following video by our own Chet Wisniewski, which shows how malicious iFrames work:


(Enjoy this video? Check out more on the SophosLabs YouTube channel.)

If you want to learn more you can subscribe to our YouTube channel for similar videos. But even better than that, we hold regular “Anatomy of Attack” events where we demonstrate malware threats and you can quiz Sophos experts.

If there’s not an “Anatomy of an Attack” event scheduled in your area soon, drop us a note and we’ll let you know if and when one is coming to your part of the world.

Empty picture frame image from Shutterstock.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.