Update October 27: This morning I contacted the owner of listed sites. The sites were indeed hacked, and the owner has since removed the malicious code from the web pages.
This is a nasty trick! There are a few Halloween sites being used to distribute malware, right at the time when unsuspecting web users might be searching for Halloween sites for fun. Patrick Jordan, aka, Webhelper has posted the details here with a screenshot of the code with iframe links to a well known malware distribution site.
Halloweensites.net, nwnlostsouls.com, vampirekits.com, and on the same IP address, but not a Halloween site, sudokugameboard.com. Other on a different IP address, californiaparanormalsociety.com and heatherclark.info are also poisoned with the iframe links. The links go to the domain and IP whois information at domaintools.com.
It's not clear to me if these websites might be hacked, or if they are intended to push malware, but I suspect they are hacked sites, especially since one of them, vampirekits.com, has content for the hosting company, Webair.com. Before posting this, I contacted the support phone number for the hosting company, Webair.com, and spoke to a support person who would not give me his name. This person said he was unable to do anything and I should email their abuse reporting address or call back in the morning. Not cool! Earlier this week I contacted another ISP about a hacked site, and the tech support people had the site down in less than 30 minutes, and that was about 3:00 AM their local time.
Patrick Jordan also posted information about the group behind the malware distrubution site, and listed other sites in the same group. All should be avoided.