Two universities and two major search portals based in China fell prey to online attackers in the past week, with each site compromised to include malicious code that attempts to gain control of visitors' computers, a security firm said this week.

The compromises affected the homepage of download site China.com as well as some Web pages of Chinese search site Sohu.com and HuaZhong Normal University, Web security firm Websense stated in alerts over the last week. Earlier this month, the Web site of Peking University had also been compromised to host malicious code, the company stated.

"This code has been changing over the course of last week, leading to different exploit sites," Websense said on Monday of the China.com compromise. "The exploits target Yahoo! Messenger, Adobe Flash, Real Player, and MS Office."

Inserting malicious code into legitimate sites has become an increasingly popular way to infect Internet users' computers. Many of the attacks use flaws in a Web site's back-end database system, such as the recent flaw in Microsoft's SQL server, to add unauthorized code to vulnerable sites. Earlier this year, attackers had used search-engine optimization (SEO) techniques to include malicious code in the searches cached on various major Web sites, including Wired.com and CNET Networks' online properties.

The China.com compromise appears to be different from the attacks that compromised Sohu.com and the two university Web sites. Those attacks led to the hosting of exploits that targeted numerous flaws, among them Microsoft AdoDB, RealPlayer, Sina DLoader, and Global Link Lianzhong.

If you have tips or insights on this topic, please contact SecurityFocus.