It seems that an exploit to unpatched Internet Explorer vulnerability is hosted on a “large number of sites” already. HostGator general manager Jason Muni says that hackers have hijacked multiple web sites at the hosting firm. They seek to put exploits on legit, but hacked pages, and thus infect visitor systems. Muni said HostGator checked and reconfigured all its web servers to remove code used to redirect visitors to outside malicious pages using VML exploit to install malware. However, some HostGator customers are continuing to report that their sites are still redirecting visitors.
This reminds us of incidents occured in first few months of this year, when a similar Internet Explorer exploit has been injected to hundreds of legit sites. It took several months for infection rate to drop. VML exploit has all the chance to start a new wave of infections.
P.S. Why VML exploit is considered to be so dangerous? Watch this video. Learn how visiting a malicious web site can result in disclosing your PayPal login information to hackers.