
 

The new ad rotation is what is doing it. The left side vertical ad runs scripts from cnzz.com, which is basically a Chinese criminal ad/malware ring.

Also, there is some switch off on one of the ads with revski.com which is the same, but probably Russian given the name. I know I have had 2 intrusion attempts while browsing this site in the past week, and the redirects are getting pretty bad. They come and go depending on the ad rotation.

I had wondered if it was this site for certain for a couple days, then I saw this thread because I came here looking to see if others were having this problem. Yes, so I started investigating. It is definitely this site, at least today it is - the ads are running some really shady JavaScripts. Basically the script that ran from cnzz.com, below, is a sploit script - when it executed my TCPmonitor logged over 40 new connections to malware and ad centers in the background.

http://www.siteadvisor.com/sites/cnzz.com/summary/ - others are also starting to report browser exploits. There was also a script run from an IP address, perhaps it was also the culprit. Like I said, I'm tired so I'm sloppy, will look into it more tomorrow.

Anyhow, sorry for being so succinct but it's late here and I have been busy prepping for my migration to Win7, pretty much as soon as I get done typing this. I can't find my damn VMware workstation license though, FFS. So I would go into more detail but I'm tired as hell, but yeah.. once I get migrated and get my VMware back running on Win7, I will do a full logging and analysis if the problem has not been taken care of. In the meantime, I highly recommend folk encountering odd issues with the site to closely examine their system.

 

Below is a source dump of one of the offending ads, the left side vertical one. Close to the bottom you can see the script originating from cnzz that gets run, while showing a pic of an ebay ad to make it look legit.

 I recommend in the strongest possible fashion that VGchartz drop the providers of this ad rotation like a rock, and never use them ever again.

Edit again: delete the /ads/value_sky.php from VGC server. Also, chances seem likely that Zedo.com is the ad partner you are using, and is serving the ads. I refreshed a couple times, and recorded the stuff 'cause I'm wiping this OS in a bit anyhow lol. If admins are unable to see this exploit, I can send the page source for the exploit that I grabbed from the ad frame.

edit: ok scratch the posting source idea, it got screwed up. lol@me

edit2: oh FYI, it's not the pulse360 ad, that one is legit.