The adverts that you see when you go to a web site, aren't actually hosted by the web site that you visit; they're hosted by a third party, an advertising network. An ad network buys space on web sites, and sells space to advertisers.
This is crazy - it's just asking for trouble.
There's a full description of the malvertising malware on the Eset WeLiveSecurity web site. But that's just one bad malware thing. There's plenty of others. That's why I run uBlock Origin to block ads, I block advertising sites via my hosts file and I disable javascipt using NoScript.