"The culprit masqueraded as a national advertiser and provided seemingly legitimate product advertising for a week," said spokeswoman Diane McNulty. She went on to explain that over the weekend, the ad being served was switched with the intrusive virus message. On click-through, users found their browsers hijacked while a bogus antivirus "scanned" their system. The malware then relied on scare-tactics to bait victims into buying bogus antivirus software.
The ploy was possible because the New York Times allowed advertisers to host ads on their own servers. According to Trend Micro, the ad was hosted by Hetzner AG, which supposedly has a "colorful track record when it comes to spewing dodgy content."