A huge percentage of malware in the wild today has the built-in ability to steal FTP credentials from infected PCs. This is possible because people who administer Web sites often use FTP software to upload files and images. In this way, PC infections can spread to any Web sites that the victim manages when the victim unknowingly uploads boobytrapped pages to his Web site. Some services, like the one offered at iframeservice.net, offer extras to help customers maintain their Web-based minefields.”]
Source: https://krebsonsecurity.com/2012/05/service-automates-boobytrapping-of-hacked-sites/