Webmasters of websites hosted on GoDaddy have to check their source code yet again, as attackers using a number of different domains inject rogue code into their pages, which then redirect visitors to pages serving rogue AV.

According to Sucuri Security researchers, many of these domains are registered under the name of Hilary Kneber, an alias often used by criminals groups and sometimes associated with those spreading the ZeuS Trojan.

The security firm has also released a fix that should help administrators of compromised sites clean up their code. They just have to download it, rename the .txt file into a .php file, upload it to the site and open it in their browser – after a few minutes, the script will have gone through all the source code and deleted the injected rogue code.