Last week we detected an infection on a Quantcast 100 publisher site which was due to a vulnerable, third-party ad server (We have also observed the same attack on 400 different sites since September 14). The exploit served from the infected page created two drive-by-downloads which infected users during a two-hour window. We were monitoring this site with our Anti-Malvertising (AMS) Service and identified the malware as soon as it hit the publisher site. Fortunately, the third-party provider was able to fix the infection quickly after being alerted.
More information about the attack can be found at these links: