An infected widget from web hosting firm Network Solutions could have affected over five million separate domains, according to new research from web app security firm Armorize.
The security firm revealed that the 'Small Business Success Index' widget was infected last week, but the malware could have been operating in some form for months. It soon realised that the problem was much more widespread than at first thought.
"Yesterday I had some time to sit down and study this widget further, and discovered something critical - it's a part of the standard domain parking page of Network Solutions," explained co-founder Wayne Huang.
According to a Google search, the widget in question was available and serving malware on more than 500,000 domains, but according to Yahoo that number rose to over five million, he said.
"I didn't have time to click on every single one of them, but I clicked on enough to conclude that, all of them are indeed infected, via the same widget we blogged about a few days ago," wrote Huang.
"Also, neither Google or Yahoo actually shows all results. Google shows the first 45 pages only, and Yahoo shows the first 100 only. So we couldn't really go through all the domains one by one...and 5 million is too large a number for manual verification anyways."
The drive-by-malware in question, when downloaded, redirects user searches and monitors various search terms, automatically popping up advertising on the user's screen, for which the malware writer will get a fee.
According to Armorize, Network Solutions took down the widget within three hours of being contacted. However it remains worrying how such a large scale drive-by download remained under the radar for so long.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago