Security researchers from Cyphort Labs traced a malicious ad available on the websites from AOL ad network. Here is the summary of the events:
- huffingtonpost.ca was hosting an ad from an AOL ad-network [advertising.com]
- The ad redirected through multiple hops
- The landing page served an exploit kit
- The Exploit kit served a Flash exploit and a VB script
- The script downloaded a Kovter Trojan executable to %temp%
Read the full analysis here – http://www.cyphort.com/huffingtonpost-serving-malware/