A newly discovered cross-site scripting attack uses a sly variant of an existing hack to deliver malware in a way that's so heavily obfuscated that even experts didn't notice it at first.
Said experts were the folks at Sucuri, the security researchers who unearthed hacks on Web servers involving rogue Apache modules and brought attention to how Google was unthinkingly spreading malware via its automated site crawlers.
The jquery.js library loaded another file, a PNG-format image, from the same domain. Again, the image in question seemed completely innocuous. But a closer look at the jquery.js file revealed a small loop that extracted yet another script: one stored as binary data inside the image file's metadata.
This second script then created an entirely new iframe -- one positioned offscreen to avoid being seen -- and loaded into that iframe new code, presumably hostile, from a third-party domain. As Gramantik pointed out, this constitutes a "nice little technique both for drive-by-download and SEP (Search Engine Poisoning) attacks." He also pointed out that the use of a PNG file is arbitrary, as the data could be smuggled in via any number of image types.
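The two stages described above rely on a browser (or a scanner) treating the PNG as an ordinary image and never looking at its metadata. The following is an added example, not code from Sucuri or from the article, showing how a defender can walk a PNG's chunk sequence, decode the three standard text chunk types (tEXt, zTXt, iTXt), and flag metadata that is unusually large or looks like script. The PNG files, the keyword names and the indicator patterns are all constructed for the demonstration; the patterns are assumed heuristics, not a published signature set.

```python
import re
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
TEXT_CHUNKS = (b"tEXt", b"zTXt", b"iTXt")

# Assumed heuristic indicators of script-like content in image metadata
SCRIPT_PATTERNS = re.compile(
    rb"<script|document\.|window\.|eval\s*\(|createElement|fromCharCode|unescape\s*\(",
    re.IGNORECASE,
)


def iter_chunks(data: bytes):
    """Walk the chunk sequence of a PNG, yielding (type, payload, crc_ok)."""
    if not data.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIGNATURE)
    while pos + 12 <= len(data):
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        if pos + 12 + length > len(data):
            raise ValueError("truncated chunk")
        ctype = data[pos + 4:pos + 8]
        payload = data[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", data[pos + 8 + length:pos + 12 + length])
        # The CRC covers the chunk type and payload, not the length field
        crc_ok = (zlib.crc32(ctype + payload) & 0xFFFFFFFF) == crc
        yield ctype, payload, crc_ok
        pos += 12 + length
        if ctype == b"IEND":
            break


def decode_text_chunk(ctype: bytes, payload: bytes):
    """Return (keyword, text bytes) for the three PNG text chunk types."""
    keyword, _, rest = payload.partition(b"\x00")
    if ctype == b"tEXt":
        return keyword, rest
    if ctype == b"zTXt":
        # rest[0] is the compression method (0 = zlib), followed by the stream
        return keyword, zlib.decompress(rest[1:])
    if ctype == b"iTXt":
        comp_flag = rest[0]            # 1 = text is zlib-compressed
        rest = rest[2:]                # skip compression flag and method
        _lang, _, rest = rest.partition(b"\x00")
        _translated, _, text = rest.partition(b"\x00")
        return keyword, zlib.decompress(text) if comp_flag == 1 else text
    raise ValueError("not a text chunk")


def scan_png(data: bytes, max_text_len: int = 512):
    """Return a list of (chunk type, keyword, reason) findings for one PNG."""
    findings = []
    for ctype, payload, crc_ok in iter_chunks(data):
        name = ctype.decode("latin-1")
        if not crc_ok:
            findings.append((name, "", "CRC mismatch"))
        if ctype not in TEXT_CHUNKS:
            continue
        keyword, text = decode_text_chunk(ctype, payload)
        key = keyword.decode("latin-1", "replace")
        if len(text) > max_text_len:
            findings.append((name, key, "unusually large text chunk (%d bytes)" % len(text)))
        if SCRIPT_PATTERNS.search(text):
            findings.append((name, key, "script-like content"))
    return findings


def make_chunk(ctype: bytes, payload: bytes) -> bytes:
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)


def build_png(text_chunks=()) -> bytes:
    """Build a minimal valid 1x1 RGB PNG (constructed sample) with optional text chunks."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)
    idat = zlib.compress(b"\x00\x00\x00\x00")  # filter byte + one RGB pixel
    body = [make_chunk(b"IHDR", ihdr)]
    body += [make_chunk(t, p) for t, p in text_chunks]
    body += [make_chunk(b"IDAT", idat), make_chunk(b"IEND", b"")]
    return PNG_SIGNATURE + b"".join(body)


# Constructed samples: an ordinary image, and one carrying script text in a zTXt chunk
CLEAN_PNG = build_png([(b"tEXt", b"Comment\x00constructed sample image")])
HIDDEN_SCRIPT = b"(function(){var f=document.createElement('iframe');/* ... */})();"
SUSPICIOUS_PNG = build_png([(b"zTXt", b"Software\x00\x00" + zlib.compress(HIDDEN_SCRIPT))])

if __name__ == "__main__":
    for label, png in (("clean", CLEAN_PNG), ("suspicious", SUSPICIOUS_PNG)):
        print(label, scan_png(png))
```

Running the block prints an empty finding list for the clean image and a single "script-like content" finding for the Software keyword of the second image. In practice a scanner would run this over every image a web server serves and pay particular attention to text chunks that are compressed, large, or contain anything other than plain prose.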
Web browsers support a number of indirect ways, many of them perfectly valid, to load or display content. A common one that has been used as a malware vector many times before is the "data:" URI. Normally it lets a page embed an image inline instead of fetching it from a separate URL, but it has also been used countless times to smuggle unwanted data into Web pages. Back in 2007, a Windows bug even allowed abuse of the URI system to execute arbitrary code. (It's since been patched.)
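Both the offscreen iframe from the previous paragraph and the "data:" URI described here leave marks in the served HTML that a defender can check for. The block below is an added example, not code from the article or from Sucuri, that parses a page with Python's standard-library HTML parser and flags iframes pushed out of view or collapsed to zero size, and script, iframe, object or embed elements whose source is a data: URI carrying active content (HTML or JavaScript) rather than an image. The sample pages, domain names and style patterns are constructed for the demonstration and the thresholds are assumed.

```python
import re
from html.parser import HTMLParser

# Assumed heuristics: styles that push a frame out of view, and data: URIs whose
# MIME type makes them active content rather than an inline image
OFFSCREEN_STYLE = re.compile(
    r"(?:left|top)\s*:\s*-\d{3,}px|visibility\s*:\s*hidden|display\s*:\s*none",
    re.IGNORECASE,
)
ACTIVE_DATA_URI = re.compile(
    r"^\s*data:(?:text/html|text/javascript|application/(?:x-)?javascript)",
    re.IGNORECASE,
)


class PageAuditor(HTMLParser):
    """Collect (tag, reason, src) findings while parsing a page."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src") or a.get("data") or ""
        if tag == "iframe":
            if OFFSCREEN_STYLE.search(a.get("style", "")):
                self.findings.append((tag, "offscreen or hidden iframe", src))
            elif a.get("width") in ("0", "1") and a.get("height") in ("0", "1"):
                self.findings.append((tag, "zero-size iframe", src))
        if tag in ("script", "iframe", "object", "embed") and ACTIVE_DATA_URI.match(src):
            self.findings.append((tag, "active content from data: URI", src[:48]))


def audit_html(page: str):
    """Parse a page and return the list of findings in document order."""
    parser = PageAuditor()
    parser.feed(page)
    parser.close()
    return parser.findings


# Constructed sample page: a legitimate inline image, a normal embedded widget,
# a hidden third-party iframe, and a script sourced from a data: URI
SAMPLE_PAGE = """
<html><body>
<img src="data:image/png;base64,iVBORw0KGgo=" alt="inline logo">
<iframe src="https://widgets.example/calendar" width="300" height="200"></iframe>
<iframe src="https://third-party.example/landing" style="position:absolute;left:-5000px;top:-5000px"></iframe>
<script src="data:text/javascript;base64,AAAA"></script>
</body></html>
"""

CLEAN_PAGE = '<html><body><img src="data:image/png;base64,iVBORw0KGgo="></body></html>'

if __name__ == "__main__":
    for finding in audit_html(SAMPLE_PAGE):
        print(finding)
```

The inline image is deliberately left unflagged: a data: URI on an img element is the legitimate use the paragraph describes, and a check that fired on every inline image would drown the two findings that matter, the hidden iframe and the script loaded from a data: URI.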
But this new exploit raises eyebrows in large part because it takes so many steps to circumvent conventional security on both the server and client side. Most malware detection can't follow such a trail all the way to the end, so this attack stands a greater chance of going undetected. Web malware targets servers first, since one compromised server can spread malware to thousands of unsuspecting clients in short order. When the real payload isn't even present on your server, or isn't delivered in a way that would trip most alarms, it's even tougher to stop.