“This is basically the same pattern that a lot of advanced malware is taking today,” says Srinivas Kumar, CTO of TaaSERA. By taking a multi-stage approach and going after server-side vulnerabilities at legitimate sites, the attackers can be assured that unsuspecting visitors to the site are more likely to trust links redirecting to malware-laden sites, he says.

via Department Of Labor Attack Points To Industry Weaknesses — Dark-Reading

Apparently the Department of Labor’s site was hosting links to malware.  Usually users get hacked by sites hosting compromised  advertisements.