Cisco's Talos Group has discovered malicious browser plug-ins that inject unwanted or infected ads onto certain pages an unfortunate user visits.
The attackers can thus deliver malware (via infected ads), collect user behavior data, or just get a nibble of the $200 billion online advertising market.
The browser add-ons also fingerprint the user's system, and display ads customized for different operating systems -- a PC repair ad for Windows and a gaming ad for Linux, for example. Plus, the installer circumvents Google Chrome's policy of distrusting third-party plug-ins, by manually whitelisting them.
For more details, see the Cisco threat report blog.