On April 17, 2008, hundreds of thousands of pages on legitimate domains—including several at the United Nations and in the UK government—were attacked. Many of these sites ended up serving malware by redirecting users to malicious pages using JavaScript and IFRAMES. Users' PCs were loaded with a malware program that tried eight different exploits in an attempt to hijack the system.
Link