Sometimes one can search for expired and deleted domains used for these malicious purposes: http://www.justdropped.com/drops/022212com.html
That IP launches malwared like Java/Exploit.CVE-2012-0507.L trojan and Exploit.TIFF.Gen
I wonder if you java software is outdated and so vulnerable to these infections?

polonus