Malicious advertising attacks (malvertising) have been plaguing mainstream sites and their visitors a lot these past few years. While some are easy to spot and get rid of, others tend to be much more sophisticated and hard to shine light on. This past Saturday, we discovered a malicious advert that was displayed on huffingtonpost.com and that was used to deliver the Cryptowall ransomware via a Flash exploit.
Popular adult site RedTube.com currently has a malicious iFrame loaded on their site, redirecting users to malicious pages. Resulting in a trusted site with high notoriety and non-malicious reputation can potentially infect millions with all kinds of heinous malware.