The Kovter malvertising campaign, recently seen targeting the Huffington Post, has hit sites with a combined monthly traffic 1.5 billion visitors, according to the security firm Malwarebytes.
Visitors to Yahoo News, AOL, Match.com, New York Daily News and the Weather Channel were all said to be at risk of being redirected to a Sweet Orange exploit kit download, after AOL and Google owned ad networks were compromised.
Jerome Segura, senior security researcher at Malwarebytes, said: "As we had said it in our end of year report, malvertising is a huge issue that affects a wide range of people. End users, of course, but also advertisers and publishers who have to fight to defend their legitimacy."
"Cyber criminals will likely continue to hijack ad networks with malicious code and pocket the dividends from hundreds of thousands of successful infections."
He added that this campaign was likely to evolve further since it was in the public domain and ad networks were making moves to clean up their systems.
Contacted for comment about the campaign, AOL said: "We were alerted of the issue early on and quickly took the necessary steps to rectify.
"AOL is committed to bringing new levels of transparency to the advertising process, ensuring ads uphold quality standards and create positive consumer experiences."