The criminals add a line of JavaScript code onto the hacked sites that redirects victims to one of six servers. These sites, in turn, redirect the visitor to a server in China. That server can launch a variety of attacks, targeting known flaws in Firefox, Internet Explorer, Adobe's Flash Player and ActiveX.

So if your computer is not currently patched, the attack code could install a variety of spyware and Trojan horse software, including one program designed to steal World of Warcraft passwords.  (this is just an example of the use for this type of attack).

We have already recommended the use of the NoScript Add-on Module for all users of Firefox.

Webmasters should also verify that they are using the Best Practices for securing their Web Servers to insure that they are safe from these types of attacks.