Last December we saw a couple of malicious JavaScript strings being pasted into Web sites on compromised servers.
We’ve now confirmed a new version. One of the sites we saw was originally compromised with the "/*GNU GPL*/" script and was recently updated with the "/*LGPL*/" script.
You can read the rest of this Blog here: New Obfuscated Scripts in the Wild: /*LGPL*/.