Thousands of Web Sites Stung by Mass Hacking Attack – Business Center – PC World
Up to 40,000 Web sites have been hacked to redirect unwitting victims to another Web site that tries to infect PCs with malicious software, according to security vendor Websense.
Once a user has been directed to the bogus Google analytics site, it redirects again to another malicious domain. That site tests to see if the PC has software vulnerabilites in either Microsoft’s Internet Explorer browser or Firefox that can be exploited in order to deliver malware, Leonard said.
If it doesn’t find a problem there, it will launch a fake warning saying the computer is infected with malware and tries to get the user to willingly download a program that purports to be security software but is actually a Trojan downloader, Leonard said. Those fake security programs are often called "scareware" and don’t work as advertised.