The popular video website Dailymotion was compromised by cybercriminals able to inject malicious code, redirecting visitors and secretly installing malware. The iframe first appeared on June 28 and installed the Sweet Orange Exploit Kit, targeting Oracle Java, Microsoft Internet Explorer and the Adobe Flash Player.
It seems only a small number of users were compromised, and Dailymotion quickly restored videos and ensured they were safe again.
"If the kit successfully exploited any of these vulnerabilities, then Trojan.Adclicker was downloaded onto the victim's computer," according to Symantec researchers. "This malware forces the compromised computer to artificially generate traffic to pay-per-click Web advertisements in order to generate revenue for the attackers."
It's a clever strategy by cybercriminals, because Dailymotion is currently in the Alexa top 100, slotted in at No. 90.