Hackers targeted the Major League Baseball and National Hockey League Web sites last week with an exploit that convinces users they need to scan their computer for viruses and tricks them into downloading a malicious program.

Visitors to MLB.com on Nov. 7 who tried to refresh the page were in some cases greeted with a box asking them to scan their computers, according to Roger Thompson, CTO at Exploit Prevention Labs, who posted a blog and video describing the hack.

Clicking “cancel” would simply take the visitors to another site that would attempt to scan their computers and install some malicious software, according to Thompson.

Security researchers had a hard time identifying the exploit because it happened only intermittently. It seems to have stopped.

“These are really hard to track down, because they don’t happen every time you visit a site,” Thompson writes. “It took us hours to get our first capture.”

Thompson last week also detailed a hack that affected the singer Alicia Keys’ MySpace page.