A major internet hack attack is underway and has infected approximately a million web pages, many on very prominent websites like WalMart and USA Today.

Bulgarian security specialist Dancho Danchev reported on this problem about two weeks ago but it appears the attack is continuing and infecting more major websites, redirecting traffic in a complex way to a Russian system that is known for hosting criminal activity in the past.

Danchev says the following sites *may still be infected* with the poison IFrame that will redirect to malware sites:

USAToday.com, ABCNews.com, News.com, Target.com, Packard Bell.com, Walmart.com, Rediff.com, MiamiHerald.com, Bloomingdales.com, PatentStorm.us, WebShots.com, Sears.com, Forbes.com, Ugo.com, Bartleby.com, Linkedwords.com, Circuitcity.com, Allwords.com, Blogdigger.com, Epinions.com, Buyersindex.com, Jcpenney.com, Nakido.com, Uvm.edu, hobbes.nmsu.edu, jurist.law.pitt.edu, boisestate.edu.

Here is Infoworld’s simpler and more readable account of what is going on with the IFrame attack, which in simple terms is a tactic where search queries at a website create new content that is able to redirect the user from a legitimate site to a bogus site that in turn may install malware or other malicious software on the users computer.