The malicious code is often implemented at the sites by hackers who somehow gained access to the servers or content management system.
As a source of infection may be codes banner systems, counters, and other third-party code that you pasted on your page. It should be remembered that the banner systems can be broken in the same way as any other sites – the owners may not be aware of the nuisance generated code.
If your site allows users to post or upload files, it is possible that malicious code was downloaded by one of the users, either deliberately or accidentally.
Posted in: Site Security