Internet media company media-servers.net is the latest victim of a large-scale malicious code injection campaign...
by hackers, says security firm Websense.
"It is important to note that media-servers.net serves advertising content from ad.media-servers.net, and that this site is clean," said a security alert.
Thousands of legitimate websites have been compromised in the attack, which Websense Security Labs has tracked for months.
The researchers found that visitors to compromised websites unwittingly run an autoloading script as soon as the page is loaded.
This script runs a series of exploit code that targets vulnerabilities in several earlier versions of certain Microsoft utilities and Adobe software.
If the browser of a user's unpatched computer is exploited successfully, a malicious file is downloaded and run in the user's Windows home directory.
The malicious file has an extremely low anti-virus detection rate, according to the Websense researchers.
"Only two of forty anti-virus companies currently detect the malicious file once downloaded, said Carl Leonard, Websense Security Labs manager.