Cisco has disrupted a major browser-based hacking operation, thought to be worth $30 million to criminals each year.
The company said unnamed hackers used the notorious Angler Exploit Kit to take advantage of vulnerabilities in common browser plugins, such as Flash and Java.
As many as 90,000 users were affected each day by the attack.
The networking company, through its security wing Talos Group, patched the vulnerabilities being used by the exploit kit, cutting off affected machines from the command-and-control infrastructure.
"This is a significant blow to the emerging hacker economy where ransomware and the black market sale of stolen [intellectual property, credit card info and personally identifiable information are generating hundreds of millions of dollars annually," said the researchers in a blog post.
The exploit kit helped to generate vast sums by gaining access to computers, and holding them hostage for a ransom price, which must be paid within a limited time frame to gain back access to their device.
US federal agents warned earlier this year that so-called ransomware, which encrypts files and documents without the owner's permission, costs consumers $18 million a year.