Popular video sharing service DailyMotion was compromised on June 28, and briefly redirected users to the Sweet Orange Exploit kit.
Attackers “injected an iframe” onto the site, which rerouted users to a different website hosting the exploit kit, according to a blog post by Ankit Singh, security researcher at Symantec.
The exploit kit then attempted to leverage several vulnerabilities on a user's computer associated with Internet Explorer (CVE-2013-2551), Adobe Flash (CVE-201302551), and Java (CVE-2013-2460).
Although these bugs have been patched, if a user does not have the latest version of the programs and Sweet Orange successfully exploits any of the vulnerabilities, the compromised machine will download pay-per-click malware and generate revenue for the miscreants by artificially producing traffic for their web advertisements.
The site, which ranks 90 in Alexa's top 100, is no longer compromised.