Researchers at Zscaler have found that attackers are now registering massive numbers of randomly generated malicious domains and using them as part of campaigns that involve JavaScript redirectors and the Black Hole exploit pack. The attackers are setting up malicious scripts on random URLs that, when visited by a user, uses the familiar tactic of obfuscated JavaScript to hide a malicious HTML file. Attackers use Black Hole to deliver other pieces of malware to victims machines, such as rootkits and banker Trojans.
Source: https://threatpost.com/attackers-moving-cems-domain-attack-sites-103111/75822/