Long story short, Google owns a company called DoubleClick, who's ad serving platform delivers a big majority of the image and flash ads you see all across the web. Thousands of different ad networks all deliver their ad inventory through DoubleClick. There have been at least two high profile cases in the past couple weeks where some of these ad networks or the advertisers on them have started sending out malicious ads. Log In Obviously Google should be more on top of stuff like this, but the sheer number of advertisers and the size of their network makes this a difficult task. *This* is why folks should be running AdBlock, and disabling Flash in their browsers. I know this is going to hurt publishers, but your profits don't come first, my privacy and security do. For what it's worth, you can configure Chrome to only display Flash when you want it to, rather than completely shut it off. It will instead prompt you to click on the Flash block to load it, rather than load it automatically. This is what I do, it's an extra step, but it makes your browsing much more secure - especially when sites try to hide flash in a web page for tracking purposes.
I don't disable Flash, but I do run Malwarebytes Anti-Malware active protection to protect my computer, and I use AdBlock on my browser. People are way too lax with their browsing habits, and it's really not that hard to avoid scams or malware. Some users are just so lax about it that they get caught up in these malicious programs and sites somehow. Either way, most people would be wise to upgrade their anti-malware programs and better educate themselves on malware in general. It's not that hard to avoid.
