Hughely popular site Cracked.com among the 300 most visited in the US was hacked and hosted the Nuclear Pack exploit kit.
Barracuda Labs research scientist Daniel Peck said Cracked.com served the attack kit from possibly last week until Monday.
Infected users the ZeroAccess malware directing their computers to click on ads and generate Bitcoins to fill attackers' wallets.
Barracuda researchers found the malware sent requests to a newly registered domain, crackedcdm.com, which was set up November 4.
“There has been some analysis that we did, and it seems that it came from the Nuclear [Pack] attack kit, serving the ZeroAccess malware,” Peck said.
Users running vulnerable versions of Java and Adobe Flash and PDF software, are among those who may have been impacted this week, he said.
In April, security firm Fortinet found that the ZeroAccess botnet was the top threat among devices on its network during the first quarter of the year. The ZeroAccess trojan is cab able of carrying out click fraud, causing victims to unknowingly click ads that drive money to scammers.
The ZeroAccess botnet has also been leveraged by criminals to amass Bitcoins via Bitcoin mining.
The Barracuda Labs team contacted Cracked.com via email and Twitter, but has yet to hear from the site's operators.