Update: Nov. 26
Here's another writeup from the UK on the Moon virus, seeming to have something to do with Conduit, link here.
I got a fake Adobe update popup this evening on an older Dell Windows 7 laptop when I was on mlb.com (trying to go to the Washington Nationals page). In Windows 7, it started downloading, and Webroot Secure Anywhere stopped it immediately. I closed the browser. Webroot scan ran for 20 minutes and verified the malware had not actually loaded or installed. I tried the mlb site again and it worked normally. I did go ahead and rebooted the machine and nothing unusual happened.