The method of attack is similar to one that recently victimised pages within Trend Micro's website, said Graham Cluley, senior technology consultant for Sophos.
In this particular case, the server that is hosting the malicious code is down, Cluley said. One possibility is that the server exceeded its allowed bandwidth due to a high number of downloads of malicious code, which would indicate that many people could be infected, Cluley said.
The Welsh site is one of hundreds upon hundreds of sites that Sophos has catalogued as infected. The vendor chose to publicise its findings on the Welsh site to make a point about how seemingly legitimate sites are being affected by this latest round of attacks, Cluley said.
Sophos has contacted the organisation responsible for the website but has yet to receive a response, he said.