“The media home page of Australia’s largest telecommunications company, Telstra, was pushing some malvertising similar to the attack we just documented on the PlentyOfFish website,” Segura says.
It is unknown and difficult to know how many if any users have been popped, but the best exploit kits like Nuclear compromise up to 40 percent of users who encounter it.
Attackers had compromised the media.telstra.com.au/home website through a malicious advertisement. That ad redirects visitors through Google's URL shortener to a website hosting the Nuclear exploit kit.