goodroi - 3:00 pm on Apr 5, 2013 (gmt 0)
I did contact some of the websites that were hacked and it was near impossible to convince them I was trying to inform them for free and not making a sales pitch.
They are legitimate businesses and they are monitoring their websites. The site owners I talked with said they were first informed of this by their customers but they couldn't recreate it so they assumed the issues resolved itself. I was able to walk them through and recreate it by having them use a different browser and going through Google serps. I assume the hacker is using user agent detection or a similar method to hide the hack from site owners.
Another interesting thing I noticed is this network of hacked sites were all using different CMS. In the past, it has been my experience that a hacker would tend to focus on one CMS.