Properties such as FT.com are being heavily advertised on websites known to be used by hackers to profit from their activities.
In this instance, the advertising property is 123url.info, a domain known for years to be used by these hackers to profit from their activity.
The ads on the site at present are supplied by Infinityads.com, a property owned by Yesup commerce, are are prominently displaying advertising for FT.com.
The result means that normal internet users on Google end up being redirected from legitimate sites that have been hacked, to 123url.info, and then displayed a full page pop up advertising for FT.com.
Insiduously, the website owners may not even be aware that they have been hacked.
Not only does the hack attack leave such sites performing normally for users going directly to the site, but it also drops a cookie on any user clicking through Google’s results, so that the redirect will only happen the once.
An example URL (may not be safe) is: http://url123.info/55489931
These sort of hacking attack was found still in use yesterday, on forums such as sffchronicles.co.uk and homemove.co.uk.
While this sort of attack has been affecting webmasters for a number of years, the surprise if that Yesup do now appear to be publically aware that they are funding hackers.
Even more surprising, is that media buyers do not appear to be aware where their adverts are going, or that they are helping those profit from hacking into other websites.
Attempts to contact both Yesup and FT.com have resulted in no reply so far.