When someone clicks on one of the adverts in question, they are referred along a chain of websites towards a server that exploits a computer's vulnerability.
Once infected, files are rendered useless unless a payment is made to the criminals behind the software.
Security consultants Blue Coat say referral websites have been set up in India, Burma, Indonesia, France and other countries.
According to a report on The Register, the culprits used Yahoo because of its huge advertising reach.
Senior malware researcher Chris Larsen told the site: "What looked like a minor malvertising attack quickly became more significant as the cyber criminals were successfully able to gain the trust of the major ad networks like ads.yahoo.com."
Mr Larsen said the ease which the attackers managed to deliver ads pointed to a "broken security model".
The scam was initially spread by spam emails – but went on to become more advanced.
A Yahoo spokesperson told Sky News: "At Yahoo, we take the safety and privacy of users very seriously.
"We are aware of the incident and promptly removed the advertising. We continue to monitor and block any advertising being used for this activity."
Most Popular Stories
- U.S. Families 'Extraordinarily Vulnerable': Yellen
- Veterans to Get Training as Solar Panel Installers
- Apple Locks Itself Out of Devices
- Larry Ellison Steps Down as Oracle CEO
- Alibaba Prices IPO at $68 a Share
- Hispanics Doubt Marco Rubio's Chances
- Hillary Clinton to Address CHCI Conference
- Alibaba: Today China, Tomorrow the World
- Wildfires Rage in California
- John Cantlie Delivers ISIS Message to Save Life