A “particular large malvertising campaign” aimed at visitors to the adult website xHamster caused a 1500 percent uptick in infections originating from the site in a two-day period, according to researchers at Malwarebytes, who blogged about the campaign that exploits a zero-day vulnerability in Adobe's Flash player.
Calling the attack “very simple and yet effective” the attack works by “embedding a landing page and exploit within a rogue ad network.”
The main site links to traffichaus.com and from there the malicious advertising occurs “thanks to an iframe.” The Flash exploit is hosted on the same ad network and users with a vulnerable version of Flash may get the recently discovered zero-day.
The blog noted that the attack resembles one revealed by Kafeine and predicted a large number of infections since the xHamster site generates a lot of traffic.