People are hearing more and more about legitimate websites that get compromised by attackers and then redirect to another site that attempts to infect the user’s PC. The Treasury Department is the latest to fall victim to these types of attacks. It uses an iFrame which is a virtual window on the site to run code from an alternate site. They are very popular for cyber criminals because they are such an effective method of exploit. In this case, it looks like the same hacker that infected many sites hosted by Network Solutions is the same person that did this because the malicious sites “owner of record” is the same for both attacks.