Websense security labs have been tracking the Nine-Ball mass compromise attack since early June. They report to date, that over 40,000 legitimate Web sites have been compromised and are actively infected with an information-stealing trojan.
The Nine-Ball attack is deployed when a user visits a legitimate website that has been infected with the malicious code. From the legitimate website, unsuspecting users are redirected behind the scenes through a series of different sites owned by the Nine-Ball’s hackers.
