On a Saturday night at the end of May, visitors to the forums section of Digital Spy, a British entertainment and media news Web site, were greeted with an ad that loaded malicious software onto their computers. The Web site's advertising system had been hacked.

A number of such attacks have occurred this year, as perpetrators exploit the complex structure of business relationships in the online advertising, with its numerous middlemen and resellers. Web security experts say they have seen an uptick in the number of ads harboring malware as the economy has soured and publishers, needing to boost their ad revenues, outsource more of their ad-space sales.

Viruses can be incorporated directly within an ad, so that simply clicking on the ad or visiting the site can infect a computer, or ads can be used to direct users to a nefarious Web site that aims to steal passwords or identities. In most cases, the problem becomes apparent within a matter of hours and quick fixes are put in place, but that's not fast enough for Internet surfers whose computers end up infected or compromised.

document.write('<script language="JavaScript1.1" src="http://ad.uk.doubleclick.net/adj/button.totaltele.tmuk/IP;chan=IP;pos=5;tile=5;sz=120x120;ord=' + ord + '?" type="text/javascript"><\/script>');if ((!document.images && navigator.userAgent.indexOf('Mozilla/2.') >= 0)|| navigator.userAgent.indexOf("WebTV") >= 0) {document.write('<a href="http://ad.uk.doubleclick.net/jump/button.totaltele.tmuk/IP;chan=IP;pos=5;tile=5;sz=120x120;ord=123456789?" target="_blank"><img src="http://ad.uk.doubleclick.net/ad/button.totaltele.tmuk/IP;chan=IP;pos=5;tile=5;sz=120x120;ord=123456789?" width="120" height="120" border="0" alt=""><\/a>');}<a href="http://ad.uk.doubleclick.net/jump/button.totaltele.tmuk/IP;chan=IP;pos=5;tile=5;sz=120x120;ord=123456789?" target="_blank"><img src="http://ad.uk.doubleclick.net/ad/button.totaltele.tmuk/IP;chan=IP;pos=5;tile=5;sz=120x120;ord=123456789?" alt="" border="0" height="120" width="120"></a>"The system is only as safe as its least secure members, and some of these members can be strikingly insecure," says Ben Edelman, an assistant professor at Harvard Business School who researches Web security issues.

EWeek.com, a technology news site owned by Ziff Davis Enterprise, in February displayed an ad on its homepage masquerading as a promotion for LaCoste, the shirt maker. The retailer hadn't placed the ad -- a hacker had, to direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis.

Similar attacks occurred across a series of News Corp.-owned sites in February, including AmericanIdol.com, FoxNews.com and IGN.com. In January, clicking on an ad on Major League Baseball's MLB.com led visitors to a site with malware.

Digital Spy, Ziff Davis, Fox and MLB all say that immediately after they detected the incidents, they isolated the ads and removed them from their sites.

Digital Spy sells the ad space on its forums section, visited by three million unique visitors a month, through a number of other companies, called ad networks. If one ad network doesn't sell the space to a marketer directly, it often will sell it to another network. The space also can be outsourced to ad exchanges, another set of companies, which hold an electronic auction for online ads.

"As that chain gets longer, it becomes more and more difficult to vet the ads to make sure there are no viruses in them," says James Welsh, co-founder of Digital Spy, owned by Hachette Filipacchi."There was a lack of scrupulous checking somewhere along that line, and an attacker seized upon this and used it as a route to inject some very nasty malware onto our site."

"Hackers are like any other criminal out there. They look for opportunities where there is the largest number of people gathered, because they will get the best return on their efforts," says Hemanshu Nigam, who oversees safety, security and privacy for News Corp.'s online properties, including MySpace. News Corp. also owns Dow Jones, publisher of The Wall Street Journal.

Web publishers say they have started limiting the number of companies they outsource their ad selling to and are working with security vendors, such as San Francisco-based ClickFacts, to detect malicious software on their networks and remove it as quickly as possible.

Ad technology companies and Internet companies say they, too, are making efforts to boost the security of their systems. Microsoft, Google and Time Warner's AOL say they use a series of technical and manual procedures to scan for malicious code in their systems.

AOL says that in addition to digital virus scans, it employs a team of people to review each of the thousands of Web sites interested in entering its ad network and each of the advertisers that want to run an ad campaign across these sites. Microsoft says it verifies the legitimacy of the companies it does business with and deploys technologies that scan ads and Web sites to mitigate attacks.

"It is an issue that we take very seriously," says Alex Gounares, corporate vice president of ads and commerce research and development at Microsoft, which operates some of the largest online ad technology systems."I don't know if it will ever go away. The world has evildoers."