A scheme in which cyberattackers conceal malicious software files (malware) on a website to infect computers that visit the site. Often, the attackers place these files on legitimate websites without the site owner’s knowledge. When victims click a link that leads to the malicious software files, their computers are infected. In some cases, attackers distribute links to the malicious files through spam, adware, or mobile in-app advertising. In other cases, they rely on the site’s popularity to attract victims.