It's time once again to duck and cover kids, as yet another Ad network has been compromised, just this time it's Google! Shocker, yes, and the worlds largest reach. It's Fox-It that's reporting on "Malvertising from Google advertisements via possibly compromised reseller", and they state:
We are currently observing a large scale malvertising campaign originating from all the Google advertisement services resold from engagelab.com. It appears as if if all of engagelab.com its advertisement & zone ID’s are currently redirecting to a domain, which in its turn is redirecting to the Nuclear Exploit Kit, indicating a possible compromise at this reseller of Google advertisement services. This Nuclear Exploit kit targets vulnerabilities in Adobe Flash, Oracle Java and Microsoft Silverlight software.
They update the Live Blog as new information appears, the payload has been identified as Pony Loader, malware that is able to steal credentials and install other types of malware on your computer. Be wary of surfing without Adblock, make sure all of your software is the most up to date and do look into having some Malware protection installed (though, I don't recommend Norton we had to change our domain because they blocked our ionically ad-free site. Bastards.)
Hacking web banner networks sends banner ads from hated to feared
Worst banner ad ever - system doctor takes over the browser
More evil flash banner ads, this time they will hijack your clipboard.
Banner hijacking still going strong - Adrants now victim to uplothario campaign.