Dailymotion.com, a popular video sharing website, had malicious code injected into it which redirected users to Web-based exploits that installed malware.

The rogue code consisted of an iframe that appeared on Dailymotion on June 28, this according to Symantec.

The iframe redirected browsers to a website hosting an installation of the Sweet Orange Exploit Kit. That malware exploited Java, Internet Explorer and Flash Player.

The Symantec researchers said: “If the kit successfully exploited any of these vulnerabilities, then Trojan.Adclicker was downloaded onto the victim’s computer. This malware forces the compromised computer to artificially generate traffic to pay-per-click Web advertisements in order to generate revenue for the attackers.”

Symantec’s data indicates that the majority of Dailymotion visitors affected by this attack were from the U.S.—over 50 percent—and Europe.

Dailymotion did not immediately respond to a request for comment.