Home Testimonials Company Support 1–888–873–0817
Home Notes Malware Signatures About
Seeing some variations on how sites are getting hacked to link to the blackhole exploit kit. This is the type of encoded javascript we are seeing inserted into sites now:

Which are pointing to multiple URLs on the .gg.biz and .rr.nu TLD ( ex: http://dmujkkz.igg.biz/d/404.php?go=1, odzyzjyyi.rr.nu, mqvtrt.got-game.org, etc). More details to come.