Google shut down malicious Web attacks coming from a compromised advertising network on Friday. The move follows a security firm’s analysis that found the ad platform, Zedo, serving up advertisements that attempted to infect the computers of visitors to major websites.
In an attack that ended early Friday morning, visitors to Last.fm, The Times of Israel, and The Jerusalem Post ran the risk of their computers becoming infected as Zedo redirected visitors’ systems to malicious servers. Because the advertisements hosted on Zedo’s servers were distributed through Google’s Doubleclick, the attack reached millions of potential victims, Jerome Segura, senior security researcher at Malwarebytes Labs, told Ars.
Distributing malware through legitimate advertising networks, a technique known as “malvertising,” has become an increasingly popular way to compromise the systems of consumers and workers alike.