Web security firm Websense says it has alerted sites of the problem. It has not named which government sites were compromised.
The attack method highlights a growing number of attacks that take advantage of the flaws in traditional security that rely on signatures and website reputation to protect customers, said Websense.
By infecting hundreds of thousands of much-used, well-known websites simultaneously, attackers only need a window of a few hours to get a large number of potential victims.
Web users and organisations without real-time protection are vulnerable, said Websense.
The well-orchestrated, widespread attack reported appears to be from the same group that launched a similar one in March 2008, said Websense, in which tens of thousands of well-known websites were infected with malicious links.
The same group may also be connected to the Dolphin Stadium Super Bowl attack in 2007, it said.
"This attack seeks to exploit users who trust that their favourite, legitimate websites are safe," said Dan Hubbard, vice-president of security research at Websense.
"Unfortunately, we believe that attacks that target popular websites will be on the rise. In this rapidly changing threat environment, organisations must have web security that can adapt to threats in real-time," he said.