Infection through JavaScript!
Those who are fans of Super Bowl, you will know that their web host was hacked a few days ago.
Besides being hacked, the attackers also added in a malicious JavaScript, which will download a backdoor trojan into your computer.
From SC Magazine:
Dozens of unrelated websites contain malicious scripts that attempt to infect users' machines with malware, security experts said today.
The reports come two days after the highly trafficked website for Dolphin Stadium, host of today's Super Bowl, was infected with a JavaScript-enabled keylogging trojan that took advantage of two previously patched Microsoft vulnerabilities.
In a blog post today, Marcus Sachs, director of the SANS Internet Storm Center, listed about 50 sites that contain the malicious pointers.
He urged system administrators to block network traffic to the sites until it can be confirmed they are free of malware. Users can be infected simply by visiting the websites.
Mikko Hypponen, chief research officer at F-Secure, said some of the hacked sites relate to the Super Bowl.
Sachs, meanwhile, reported that a number of attacks are targeting hospital or medical care sites.
______________________________________________________________
Disabling JavaScript is the only remedy. I see no other ways.