The so-called “LizaMoon” malware campaign has so far infected as many as half a million domains and nearly 1.5 million URLs, net security firm WebSense warned.

LizaMoon was initially spotted on 28,000 Web pages when it was first discovered on 29th of March. Numerous of the hundreds of thousands of Web pages infected by the malicious code are associated with iTunes RSS and XML feeds.

However, users of Apple iTunes are now safe because the company encoded the script tags which prevented them from running on a user’s computer.

Cyber criminals are using an automated JavaScript injection that attacks vulnerable websites. Afterwards, compromised websites redirect visitors to malware and trick them into buying rogue antivirus software.

LizaMoon is cunningly dangerous because it doesn’t let users to know that they have visited a corrupted Web page as it simply looks like genuine Web page.

WebSense suggests that Internet users to employ and update their antivirus software.