"Kaspersky reports that the crackers are adding a JavaScript tag to
the html of hacked sites. This causes surfers visiting the site to pull
content from one of six gateway sites, which redirect to a server
hosting malware located in China.
A range of exploits are hosted on this site designed to take
advantage of recently patched flaws in IE, Macromedia Flash Player,
Microsoft’s notoriously wobbly ActiveX technology, and (unusually)
Firefox.
These various vulnerabilities are in turn being used to push Trojan
downloader code onto the PCs of surfers who stray onto compromised
websites. The end goal of the attack is to load backdoor code onto
Windows Pcs in order to steal World of Warcraft login credentials or to plant other forms of spyware and Trojans."
For the record Diablo > WoW .
Articles: http://www.theregister.co.uk/2008/11/10/drive_by_download_mass_attack/
