I have known this for a while, I'm glad they decided to publish it.. The banners DO come from major sites; advertisers that hire screw-pulous people are to blame... Content providers "major sites" are to blame for not screening their advertisers banners for malware... Some of the code has been observed trying to perform buffer exploits, to disable local machine security or to directly plant executables in the form of active x scripts and cookies that attempt to check "banner status" that phone home with local machines private information; including OS and software versions, probably to gather information about that machine to use for hacking that particular machine..