Some days you're the grasshopper...
...some days you're the ant.
It's hard to know where to place the blame for this. I see a lot of compromised legitimate Web sites, most of which redirect to the same small list of hostile servers (invariably hosted in Eastern Europe, of course). On a good day, the malware writers can plant upwards of 200,000 malicious redirectors on legitimate Web sites.
Most often, I see these attacks compromising sites run by lazy, careless, ignorant, or indifferent Webmasters. Outdated, insecure versions of phpBB, osCommerce, and phpNuke are used to subvert legitimate Web sites so often I cringe every time I see them, and blame in such cases clearly falls on the Web site owners themselves. (Webmasters who install these scripts: for the love of God, keep on top of security updates!)
In other cases, the ISPs have security problems on their servers that allow attackers to compromise every single Web site hosted on their servers at will (iPower, I'm looking at you here). Hard to know if these ISPs are indifferent, or if some employee on the inside is making money to look away.
And that's not even counting those Web sites--many of whom are run by folks who should know better--that provide places for people to enter information (like guestbooks and that sort of thing) who don't sanitize the input and filter out HTML; those folks are just begging to have their Web sites hijacked.