Researchers at FireEye were pondering the reason behind outbreaks of malware occurring over the past several weekends. The answer is simple really. Attackers are taking advantage of peak times on gaming websites to deliver malicious ads that serve up PDF exploits. Resulting malware is a predictable cocktail of trojan downloaders and remotely customizable password stealers. Victim sites include a who's who of online gaming, including curse.com, techpowerup.com, and nationstates2.com. Note that these sites aren't compromised, but their ad partner (yieldmanager) has had their ad stream tainted with miscreant ads. The criminals presumably realize that game sites enjoy higher traffic on weekends, so they've scheduled the bulk of their ads to be pushed during these peak traffic times.