Top news websites including the BBC, the New York Times and MSN were hit over the weekend by a co-ordinated malware campaign. Delivered through the advertising networks used by the sites, the malvertising attack aimed to install ransomware on victims' computers.
On-site ads are far from loved, hence the prevalence of ad-blocking tools. But as well as being an annoyance, online ads can also pose a serious security risk - something highlighted by this attack. The infected ads redirected people to servers hosting the Angler exploit kit and was engineered to target US-based web users.
With a footprint measured in billions of readers, the sites - including MSN, the BBC, the New York Times, AOL and Newsweek - were hit with a rash of malicious traffic from two rogue domains, TRACKMYTRAFFIC.BIZ and TALK915.PW. the malvertising campaign affected four major ad networks - Google, AppNexus, AOL and Rubicon - and caused what MalwareBytes calls a "huge spike in malicious activity".
Researchers from Trustwave say that those behind the attack had managed to take control of an ad delivery domain, thereby making it possible to hit so many high-profile websites in one fell swoop.
It's not clear how many people were adversely affected by the malvertising attack, but anyone who fell victim will have found their data encrypted and held to ransom until a Bitcoin payment was delivered to the perpetrators.