ASUS servers compromised??

Welcome to the brave new world of "ok, so they're too smart to go to porn sites or open email attachments, so let's hack every server we can get into and get them that way".  Once again we are shown that danger lurks everywhere on the Internet.

I just spotted this - it looks like some ASUS sites were/are infecting visitors with a spyware program that tries to steal passwords:
http://www.heise-security.co.uk/news/82643

"Asus now appears to be cleaning up its sites. Some have been disinfected already, others remain dangerous. How long the sites have been infected, how many customers are affected and how the malware was able to establish itself on the servers is not yet known. A posting on a Belgian forum from 12th December suggests, however, that the infection has been present for a few days."

It looks like ASUS Taiwan was hit, and several pages that I have tested are displaying a "down for maintenance" message.

Other sites that have infected visitors because their servers have been hacked and which have been mentioned in this blog include CircuitCity, mosets.com, spreadfirefox, Capital City Bank, Wakulla Bank and Premier Bank, msblog and Debian (URLs here: http://msmvps.com/blogs/spywaresucks/archive/2006/07/22/105450.aspx)

Remember, just because you only go to "safe" sites and don't download attachments, p0rn or warez does not mean you will not be exposed to risk.  Patch your systems, make sure you install critical and security updates as they are released, and update to Internet Explorer 7.  IE7 has been immune to many exploits that have hit IE6 and earlier.

Edit: Information about the exploit here:
http://isc.sans.org/diary.php?storyid=1948&rss

I'd recommend that you block http://www.yyc8.com/ on your network or add it to your HOSTS file.  You can bet that there are multiple compromised servers out there that all pointed to that domain to retrieve their malware.
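
An added example, not part of the original post: a small Python check that a HOSTS file really does sinkhole the domain named above. HOSTS entries match exact hostnames only (no wildcards), so the bare domain and the `www.` name each need their own entry. The function names, the sinkhole address set and the sample file contents are constructed for illustration.

```python
# Added example, not from the original post. Function names and the sample
# HOSTS contents below are constructed for illustration.

# Addresses treated as "blocked" when a hostname maps to them (assumption).
SINK_ADDRESSES = {"0.0.0.0", "127.0.0.1", "::1"}

def parse_hosts(text):
    """Return {hostname: address} from HOSTS-file text.

    Assumption: the first entry seen for a name is the one that counts.
    """
    mapping = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                          # address with no hostname
        address, names = fields[0], fields[1:]
        for name in names:                    # one line may list several names
            mapping.setdefault(name.lower().rstrip("."), address)
    return mapping

def unblocked(hosts_text, hostnames):
    """Return the hostnames that are NOT mapped to a sinkhole address."""
    mapping = parse_hosts(hosts_text)
    return [h for h in hostnames
            if mapping.get(h.lower()) not in SINK_ADDRESSES]

# Constructed sample: only the www name is blocked; the commented-out
# line has no effect, so the bare domain still resolves normally.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
0.0.0.0     www.yyc8.com    # blocked
# 0.0.0.0   yyc8.com
"""

if __name__ == "__main__":
    print("not blocked:", unblocked(SAMPLE_HOSTS, ["yyc8.com", "www.yyc8.com"]))
```

A HOSTS entry protects only the machine it is on; blocking at the network's DNS resolver or proxy covers every client behind it.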

Published Sat, Dec 16 2006 20:27 by sandi

Comments

# Has asus.tw been hacked again? Also, ANI Patch released.

Tuesday, April 03, 2007 5:19 PM by Spyware Sucks

Source: Comment to Susan's blog by Lars Nelson: http://msmvps.com/blogs/bradley/archive/2007/03/18/sbsized-windows-2003-sp2-release-notes.aspx

# Has asus.tw been hacked again? Also, ANI Patch released.

Tuesday, April 03, 2007 7:14 PM by Spyware Sucks

Source: Comment to Susan's blog by Lars Nelson: http://msmvps.com/blogs/bradley/archive/2007/03/18/sbsized-windows-2003-sp2-release-notes.aspx