Recently, a client was hit with an ftp attack where the hacker used their user/pass and modified the pages with an <iframe> loaded on many of the pages. If you have wordpress on those sites, you might check to see if you have comments with hidden <iframe> links in them.
I would suspect that your sites probably have some link to a badware site. Look on your pages for unknown javascript and unknown iframe links.
__________________
SnapReplay.com a different way to share photos - iPhone & Android
|