DoubleClick caught supplying malware-tainted ads

By: Dan Goodin


DoubleClick, the massive internet advertising network that recently agreed to be bought by Google, has been caught serving rogue ads designed to trick users into buying unneeded software, according to an article on eWeek.

DoubleClick acted as a go-between for a German-based outfit known as AdTraff.com, where the maliciously crafted ads originated, and scores of legitimate websites, including CNN, The Economist, The Huffington Post and the official site of the Philadelphia Phillies baseball team. The ads contain malicious code that causes authentic-looking security warnings to be displayed on an end user's computer in an attempt to dupe the person into buying software that will fix the problem.

eWeek's report comes less than a week after a researcher for SecureWorks warned that thousands of PC users had been duped by anti-spyware ads that had appeared on hundreds of websites in recent weeks.

Malicious code hardwired into the ads prompted a pop-up that warned of a bogus security threat on the visitor's machine. It offered to fix the problem in exchange for as much as $80. The ad then attempted to install software on the victim's machine that is difficult to remove.

Jackson said Monday that malicious ads are continuing to be served on heavily trafficked websites, which he declined to identify by name.

The rogue ads were distributed by DoubleClick as recently as Sunday, according to eWeek, which cited researchers from Sunbelt Software. The publication said the malware being pushed is a variant of WinFixer, a piece of malware that poses as a diagnostic tool. It provides a fake alert that tricks people into spending money on software to fix the problems.

DoubleClick officials said they recently deployed a monitoring system to catch malware-tainted ads before they are distributed over the ad network. The monitor has already disabled about 100 malicious ads. A DoubleClick executive called the rogue ads "an industry-wide challenge".

Indeed, the scams described by eWeek and SecureWorks are the latest to piggyback on banner ads that are fed to popular destinations. Other networks that have distributed toxic banners include Real Media and the Yahoo!-owned Right Media. Ad networks are ideal carriers for malicious payloads because of their massive reach and because they catch people as they surf to sites they know and trust.

On Monday, website marketing pros flooded industry email lists with reports of complaints from readers who said they had been receiving inappropriate ads. The pros said ad servers for sites including The Wall Street Journal, Discovery and BizJournals had been hijacked, according to eWeek.

In addition to AdTraff.com, Jackson named at least three other outfits he believes have also fed malicious ads to large sites in recent weeks. They include ForceUp, BlessedAds and Traveltray.

Many of the groups have overlapping executives and pose as legitimate ad networks that are interested in buying ad space from large websites, said Jackson, who added that their combined reach has been substantial.

Said Jackson: "They managed to buy a lot of ad space."


 