Technologically, this is impressive work. Read the full arstechnica.com article for the specifics. These guys are getting scary. It’s tough being a Windows user today — I almost feel bad for Microsoft because of how damaging this is to their business.
Almost.
Ongoing IFrame attack proving difficult to kill
This particular IFrame exploit takes advantage of web site query caching. Web sites often cache the results of search queries that are run locally. These search results are forwarded to search engine providers (think Google or Yahoo), who use the information to generate their own search results. Hackers exploit the system by typing a query immediately followed by the text of an IFrame. This data (including the IFrame) is then passed to various search engines and displayed if a user searches for a relevant keyword. When the user visits an apparently legitimate document, the IFrame activates and attempts to complete whatever instructions it has been given.