The crimeware toolkits was hidden behind an invisible iFrame. According to security firm ScanSafe, the malware uses browser exploits to load banking Trojans onto the machines of the visitors.
The attack was discovered on Saturday 5 April. By Tuesday, PaulMccartney.com was reported as having been cleansed of the malware and it remains safe at present time.
It appears that the malware attack is related to a new large-scale phishing scam involving the Zeus botnet, ScanSafe commented.