A hidden and malicious iframe was identified. It is related to the latest "stats.php" outbreak and has
been compromised thousands of sites. More info here: Distributed Malware Network Outbreak Using Stats.php.
It loads malware from multiple sources:
http://www.lifeshiftdevelopment.com/stats.php http://oxsanasiberians.com/downloads/stats.php (and many other domains).
This is used to load malware from external web sites while not being visible to the user.
Any web site
This malware is generally hidden on .js or .php files without heavy encoding.
Malware dump (sample of malware):