SANS Internet Storm Center made an alert on their website concerning a huge number of legitimate websites being hijacked by malicious iframe that will direct users to 2117966.net. Those who are using an unpatched Internet Explorer is vulnerable to this attack. According to McAfee, majority of the infected websites are running phpBB - a popular forum software. But now it seems that the attack is shifted towards .ASP pages. Further reading at SANS and McAfee.
How to protect from malicious iframe exploitation?
