Following on from a post I made some time ago about yourmusic.com compromised web banners, it turns out that Doubleclick have been serving up malware in their ads, to a number of very high volume sites. Doubleclick are not behind it, but the evidence points towards an outfit called AdTraff.com allegedly based in Germany (but with servers in Honduras). It appears that AdTraff.com supplied trojanised banners that eventually ended up on the Doubleclick network.

Some other references to this:
http://blogs.pcmag.com/securitywatch...range_site.php
http://www.eweek.com/article2/0,1895,2215734,00.asp

This is not the first time that rich media ads have been compromised in this way. It is vitally important that ad networks understand and trust everyone in their supply chain. I don't know how much this might cost Doubleclick in the end, but they must be held liable for their sloppy practices.