Wednesday, February 22, 2012

Kaspersky warns of an "Iframe.yi" trojan


This morning, an older XP machine with Kaspersky from 2009 gave a warning about “Trojan.JS. Iframe.yi” on a blog displaying ads, which came from places appearing to be normally reputable.

The same site (and ads) did not give the warning on a nearby Windows 7 machine with Webroot, and have not on an Apple Mac with Norton.

I could not find much information on it.  There is a forum which suggests that it is a script which helps certain kinds of graphics load faster (link). 

Here is Kaspersky’s description (from its Australian site),link.  The item seems to date from 2009. 

Update: June 14, 2012

There is a blogspot discussion, too, here.  This item seems to be code that affects the loading of a webpage and may send you to a lynktracker product which advertisers use to count visits.  It's unclear at this point why Kaspersky and some other vendors view this as dangerous.  I am talking to Geek Squad about it now. 

No comments: