I have no doubt that this site has been hacked, as the site that the iframe tries to connect to as Scott mentions has been the subject of previous malware and browser exploits. Firefox safe browsing alerts on this site if you try to connect, image1 as does avast image2.
So the target site of the iframe still contains malware.
favicon.ico 
This is the most infected image ever!
This is not FP. That image is dangerous!
It isn't the image that is dangerous it is the hacked or replaced favicon.ico.
This is the little image that almost every site has that gets loaded into the browser address bar (image on the left of the address) when the page loads. It is because of this action that it is a target of hackers, etc. to try and load malware.
So it isn't the image that is dangerous but the actions of the hackers, etc.
