1

Sucuri seems to detect iframe “javascript:false” on Origin.com, a game store and cloud servise owned by EA, similar to Valve’s Steam and Blizzard’s Battle.net.

https://sitecheck.sucuri.net/results/www.origin.com

2

Dear Pernaman,

Seems redirected twice: http://isithacked.com/check/www.origin.com
Read: http://www.thisheadx.com/www/origin.com
See: https://aw-snap.info/file-viewer/?protocol=not-secure&tgt=www.origin.com&ref_sel=GSP2&ua_sel=ff&fs=1
0-0-0 iFrame code detected: https://threatintelligenceplatform.com/report/origin.com/iGuY7aQo5O
and new window opening script detected. Configuration warnings and fail.
2 vulnerable jQuery libraries: http://retire.insecurity.today/#!/scan/10c7492a686b60d3d3a84f3eaebe68d654e1936a89a32a19eabf96bb66efab5d

MX and DNS issues: https://threatintelligenceplatform.com/report/origin.com/iGuY7aQo5O

D-Grade and recommendations: https://observatory.mozilla.org/analyze.html?host=www.origin.com

Interpretation of ‘javascript false’ just comes with browser specific coding,
so that should not denote suspicious code nor malicious code even.
It is just coding with a specific non-standard browser in mind.

Read here on StackOverflow about it: https://stackoverflow.com/questions/20535222/what-is-the-difference-between-javascript-and-javascriptfalse-in-ifr

Apart from the improved security issues I pointed out I see no suspicious or malicious code on that website.

polonus (volunteer website security analyst and website error-hunter)

3

Thanks polonus, I wasn’t trying to ask wither that iframe was actually malicious which is why I didn’t post this into “Viruses and worms” subforum, thing just is that I don’t have any experience with javascript code so I was left bit confused/curious of what that "javascript:false) ment. ;D

4

Hi Pernaman,

Ok, now you know it is either about when you want something to load or not in that iFrame.

As a bonus I did a complete security check on the website involved where that piece of code appeared in.
Always nice to see where the website could make security improvements.

Well you know after all that time into this, I consider it as part of my mission
to make people more aware about website security in general,
and I thank avast from the bottom of my heart, for providing me with a platform to do so,
while I am well aware that it is something that works two ways… ;D
(helping avast’s website detection, wherever I can).

polonus (volunteer website security analyst and website error-hunter)