Ciscos Cognitive Threat Analytics CTA by means of automated behavioral analysis of web telemetry, uncovered a new threat, which our researchers have found to be a family of malicious browser add-ons. Once installed, the add-on injects a frame on the pages visited by the user with a URL. The URL injected, which follows one of the patterns already mentioned, will load the advertising that the user will finally see. The malicious actors can generally assess the vulnerability of the affected user and their operating system and may attempt to deliver malware specific to the given environment.”]
Source: https://blog.talosintelligence.com/2015/02/bad-browser-plug-ins-gone-wild.html