14 DAY TRIAL // Well, what do you know? Everyone's been praising the Chinese hackers to be amongst the best in the world, as of late, but it seems that the Chinese Internet Security Response Team (CISRT for short) has been under attack from another group of hackers. Their site has been a victim of IFRAME attacks, which is not something out of the ordinary - these attacks are the most common ones, and were at the top of the web threat chart for September.
Now, the idea behind these attacks is a rather simple one: instead of getting a user to click on a link that will get him to an infected site, all the hacker has to do is use an already trusted site that a lot of people visit daily to insert malicious code, that will land a virus on the users' machine. That was just a brief description, the process itself requires serious knowledge of coding and, clearly, not anyone can do it.
So, when visiting some of the CISRt's sites, malicious code could pop up and attempt to download a Trojan that will eventually download even more Trojans form another website. So, yes, this is just a common multi-stage attack using a Trojan-downloader. But perhaps you are wondering why I said "could" instead of "would" - well, the thing is that the malicious script isn't always executed, as seen on a blog by CISRT; they're only inserted sometimes.
The Chinese Internet Security Response Team, however, does not think that their site has been compromised, but they state that this situation could be due to an ARP (address resolution protocol - this is used to get a node's physical address) attack and that they are cooperating with their webserver provider to solve this issue as soon as possible. Check out this post on their site, to get the more techie details.