Major websites including the BBC, Newsweek, The New York Times and MSN ran malicious online advertisements on Sunday that attacked users’ computers, a campaign that one expert said was the largest seen in two years.

The websites weren’t at fault. Instead, they were unwitting victims of malvertising, a scheme where cyberattackers upload harmful ads to online advertising companies, which are then distributed to top-tier publishers.

Tens of thousands of computers could have been exposed to the harmful advertisements, which means some running vulnerable software may have been infected with malware or file-encrypting ransomware.

Bad ads were still appearing Monday on some websites, including the BBC, said Jerome Segura, a senior security researcher with Malwarebytes, in a phone interview Tuesday.

To read this article in full or to leave a comment, please click here