Hackers have launched a widespread website attack, leaving malicious links on up to 10,000 web servers, says security software firm Kaspersky Lab.
Kaspersky says the servers hacked into are mainly located in Western Europe and the US. It is not clear at this stage who has hacked the machines, but the expectation is that the number of infected sites will rise.
These sites then redirect the visitor to a server in China. That server can then launch a variety of attacks, targeting known flaws in the Firefox and Internet Explorer browsers, Adobe's Flash Player and ActiveX management controls, said Kaspersky.
Those victims who have not got fully patched PCs run the risk of allowing the remote attackers to install spyware on their machines, allowing then to steal their data. This could be used to carry out financial fraud.
Similar attacks earlier this year infected 1.5 million web pages, including a large number of web pages run on Italian government servers.