The Huffington Post, along with several other major websites, displayed advertisements laced with malware in late December through early January, according to an Internet security company.
According to cyber-security firm Cyphort, their labs detected an infection on Huffington Post Canada on Dec. 31 that was confirmed on the main U.S. edition of the news website on Jan. 3.
The ad, from an AOL ad-network, was displayed and ultimately directed users to an “exploit kit” that deployed a trojan virus.
Once installed, the virus disables the user’s ability to use his or her keyboard and mouse, then flashes a pop-up claiming to be from law enforcement saying the person has recently viewed child pornography. To unlock the computer, it demands the user pay a fine.
LA Weekly, FHM, Weather Bug, The Indy Channel and Houston Press were all found to be hosting the malware-laced ads recently, according to Cyphort.
AOL spokesman Gerasimos Manolatos told CNN that they “quickly took the necessary steps to rectify,” adding “AOL is committed to bringing new levels of transparency to the advertising process, ensuring ads uphold quality standards and create positive consumer experiences.”