Exchange serves up malicious ads

[Image: fake security warning, Paul Mutton] The infection kicked off warnings from a fake security program.
Booby-trapped adverts that hit visitors with fake security software have been discovered on the London Stock Exchange (LSE) website.

Analysis of the LSE site suggests that over the last 90 days, about 363 pages had hosted malware.

The LSE said its site was now safe and an investigation showed that ads provided by a third party were the culprit.

One victim claimed his PC was made unusable after being infected.

Security expert Paul Mutton fell victim when he viewed the site on 27 February.

He visited the LSE homepage to find out why some people reported that they could not access it.

The site was blocked by Firefox, he said, but accessible via Google’s Chrome browser.

“It seemed to work with Chrome but then a few seconds later, without having to click on anything, pop-ups started to appear,” he said.

The sheer number of pop-up adverts made his computer unusable.

“I visited the site and it compromised my machine,” said Mr Mutton.

While he was fighting to close down the flood of pop-up adverts, another window opened that appeared to be a fake security scanner, which claimed to detect lots of different malware on the PC.

Analysis of the LSE homepage by Google’s safe browsing scheme, which scans web pages for malicious code, found the site had been listed for “suspicious activity 6 time(s) over the past 90 days”.

The last time it discovered malicious activity on the site was on 27 February, the day Mr Mutton visited.

Of the 1112 pages that Google scanned on the LSE site over the last 90 days, 363 were found to be hosting malware. The malicious code it found included scripting exploits and trojans.

Graham Cluley, senior technology consultant at security firm Sophos, said: “Our suspicion would be that it was the third-party advertising network running via the site that delivered the malware.”

“This so-called ‘malvertising’ is big business for cyber criminals,” said Mr Cluley.

“If they are able to plant their poisonous adverts in the streams being used by major websites then it can spread their attacks far and wide,” he said.

While many sites rely on third parties to provide adverts, that can have its risks, said Mr Cluley.

“Unfortunately when an infection does get through it’s likely that the users will blame the website, not the ad network,” he said.

This article is from the BBC News website. © British Broadcasting Corporation, The BBC is not responsible for the content of external internet sites.
