Being that it was highly unlikely that all of those sites were compromised to serve malware at the same time, the answer for this occurrence was obviously to be found in content delivered by third parties.
As it finally turned out, the website of big advertising network NetSeer had been hacked and set up to serve malware to visitors, and Google reacted promptly by cataloging both the website and the ad system as malicious.
NetSeer reacted promptly by removing the malware from the website and alerting Google about the fact that their 3rd party hosted corporate website and ad serving infrastructure do share the same domain, but nothing else, and that the latter hadn't been compromised.
"The malware was never served into ad serving stream and the browser behavior was completely due to ad serving and the corporate website sharing the same domain name," shared NetSeer CEPO John Mracek in a public statement.
The company's operations team worked with Google for an expedited review of the site and, four hours later, Google has removed it from the malware impacted site-list.
"While the issue was being addressed with Google we had requested that the affected partners take our tags/pixels off their site. If you were affected and haven’t done so, you do not need to take any further action because the issues has been resolved and there should not be any further flags/blocks by Chrome and other browsers," he added.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.