Malwarebytes threat analysis man Jerome Segura says compromised Reader's Digest pages are being used to serve the Angler Exploit kit and trojan backdoors.
Segura says the site was still serving the highly capable threat today as the publisher had not yet responded to his disclosure.
"The attack consists of a malicious script injected within compromised WordPress sites that launches another URL whose final purpose is to load the Angler exploit kit," Segura says.
"Site owners that have been affected should keep in mind that those injected scripts/URLs will vary over time, although they are all using the same pattern.
"The website of popular magazine Reader’s Digest is one of the victims of this campaign and people who have visited the portal recently should make sure they have not been infected.
Attackers infected an article 9 Home Remedies for Foot Odor That Are Shockingly Effective but could have targeted other pages visited by the site's three million readers a month.
The Bedep payload dropped the Necurs backdoor, which could change dynamically if attackers decide to tweak the attacks.
"We hope that by making this public we will raise awareness and prevent unnecessary infections."
Malvertising, a separate threat, is one of the worst online threats to end users because it is completely stealthy and can attack users who update their software.
Advertising networks have shied away from addressing the problem.
It is allowed to prosper because advertising networks do not vet the security of ads or ad buyers, and websites are willing to accept and display the untrusted content for revenue. ®