A new mass injection tries pass the rogue code added to compromised websites as the Google Analytics script. The attack is actually part of a malicious campaign to distribute a new piece of scareware that has a very low detection rate.
The compromises are likely the result of SQL injection vulnerabilities in mostly ASP and ASP.NET websites. Successful exploitations leads to a rogue