Iframe attacks are becoming very common as many websites are vulnerable.
The hackers in this case are not simply attacking the PC users but attacking the web servers themselves aka the "Green Zone".
See this article by Roger Grimes on March 21.
Typically all pages at the hacked website will include code at the bottom of each page similar to this:
which translates into something like this on the users computer:
When an unsuspecting user clicks on a trusted website he downloads spyware, viruses, etc as described in this article at CastleCops