The Mudcat Café TM
Thread #122760   Message #2705584
Posted By: The Sandman
21-Aug-09 - 02:12 PM
Thread Name: dick miles website hijacked - now safe
Subject: RE: Dick Miles website now safe
Over the past few months, lots of legitimate websites have been
attacked and hijacked by a relatively new kit being used in "drive-by"
downloads to infect visitors (victims) with malware. The kit is known
as LuckySploit.

LuckySploit (and similar ones) enables "attackers" to construct
malicious websites from a totally legitimate website, in order to hit
victims with exploits, resulting in malicious software being
downloaded and installed without user consent.

Thankfully, such compromised web sites are often detected early,
reported and blocked by the "Safe Browsing" initiative
(Google, Yahoo & Microsoft) and that is exactly what happened to my
site.

How attackers got access to my site's internals is not quite clear. Two
main scenarios are possible: 1. malicious software (spyware, viruses
etc.) could have been on the site administrator's computer, spying on
access details (login names and passwords), or 2. the server itself
could have been compromised. My site administrator scanned all
computers in question with 8 different malware detection tools
(Sysinternals RootKit Revealer, Sophos Anti-Rootkit, AVAST Boot-Time
Scan, BitDefender, F-Rescue, Malwarebytes, Spybot Search & Destroy
and Kaspersky Anti Virus), lasting over 18 hours in total, with no
conclusive result. After that, and after deleting all content on the
server and uploading the site from a clean backup, the attack quickly
reactivated, which led him to change and upgrade web space and server
software. That finally seems to have done the trick, and my site is
reviewed, cleared and accessible again.