Researchers with Raytheon|Websense have identified a massive malvertising campaign that has hit Web users in Europe and the U.S.

The attack is focused on users browsing several well-trafficked sites, including CNN Indonesia, the official website of Prague Airport, Detik, AASTOCKS, RTL Television Croatia and the Bejewled Blitz game on Facebook. According to the researchers, the attack leads users to the Angler Exploit kit, which leverages a vulnerability in Adobe Flash Player (CVE-2015-3090) to infect users with the Bunitu Trojan.