Source: The Register
A mass compromise that has hit tens of thousands of English-language webpages is probably part of a much larger wave of attacks that's been under way since June by a sophisticated band of criminals, a security researcher said Wednesday.
I know that I've noticed an upswing in the number of sites I surf to being flagged as unsafe by Google Safe Search or blocked by my antivirus (Avast) as containing either "HTML:Iframe-GZ" or "HTML:Iframe-EJ."
An Iframe, for those not familiar with HTML, is an "inline" frame, an HTML element which can display a webpage or other document within a "parent" page.
According to Google, this exploit has resulted in a more than doubling of their Safe Browsing Malicious Sites list. since January.
The Iframes are inserted into websites which use MySQL databases as a backend by means of an SQL injection attack. Websites based on popular blogging platforms such as Wordpress and Drupal, and even forums such as those using Invision Power Board and PHPBB may be vulnerable.