http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/

By the way, in the above article at Ars Technica there's a link in it that redirects to Malwarebyte's blog page.  I suggest avoid clicking it, since Sucuri SiteCheck indicates that blog.malwarebytes. org contains malicious code (unrelated to the malware being reported in the article).