Streaming sites operated by the BBC were hacked on Tuesday, according to Websense, as part of a current mass-injection targeting vulnerable web sites. The BBC sites began silently serving visitors malware. An iframe tag at the foot of the page on the BBC’s 6 Music and 1Xtra websites injected an exploit from a website with an address ending in cc, a top level domain for the Cocos Islands. Simply browsing to the page is enough to get infected with a malicious executable. The malicious binary was generated by the Phoenix exploit kit, which dates back to 2007 and streamlines malware infections by collecting detailed statistics.