The Websense researchers also noticed similarities between this compromise and a different one detected last week on the website of the Israeli Institute for National Security Studies.

Hackers are starting to use advanced persistent threats (APTs) like Gh0st RAT in mass attacks because they are very efficient, Leonard said. Gh0st RAT gives attackers complete control over infected systems and allows them to copy the victims' documents, emails, passwords and other sensitive information, Giuliani said in the blog post.

The Gh0st RAT executable installed on victims' machines as a result of this attack had a low antivirus detection rate and was signed with a valid digital certificate issued by VeriSign to a Chinese company. Security researchers have pointed out in the past that digitally signed malicious files have a higher chance of not being detected by security products.

The digital certificate used in this case was most likely stolen, Leonard said. Websense has notified VeriSign about the abuse, but doesn't know if the certificate has been revoked yet, he said.

Amnesty International's U.K. website has been compromised and was used to serve malware several times before -- most recently in December 2011. The organization's Hong Kong website has also been infected in a similar manner in the past.