“The popular humor website, Cracked[dot]com reportedly hosted malware that infected the machines of its visitors over the weekend and may still be doing so, according to Barracuda Labs research. The attackers delivered their exploit with a malicious piece of javascript they embedded into cracked[dot]com. According to the report, the javascript caused users to send a request to the domain ‘crackedCDM[dot]com.’ The malicious domain contained an iframe pointing to ‘p68ei5[dot]degreeexplore[dot]biz,’ which then sent a cocktail of malicious PDFs, Java, HTML, and javascript files into the victim’s browser. If successful, the attackers then uploaded their malware to the affected machines.”
http://threatpost.com/cracked-com-serving-malware-in-drive-by-downloads