Internet, posted: 5-Nov-2008 15:00
One of the advantages touted for online is that you can have interactive advertising. But, the ads can be too interactive. In fact, they can be downright hostile, as well-known Stuff discovered earlier today. Mauricio's wife Jann got an alert about a "spyware scan" while reading stuff. The "scan" alert told her that she had malware on her computer (an iMac) and needed to pay to clean it up.
Mauricio twittered about it, and got some more info about what was going on. It was one of the ads on Stuff that redirected to a third-party site that asks people to download "virus and spyware checking software". The site in question is premium-pc-scan.com, and it's registered in Russia:
Organization: Private person
Address: ul. Bauma 13-76
State: Moskovskaya oblast
At this stage, we don't know what kind of malware the site was trying to plant unsuspecting machines, but this TechNet page outlines a multi-vector attack with Win32/FakeXPA that takes advantage of several vulnerabilites.
The incident does raise the question of trust however: obviously, the malicious code in the ad had to come from somewhere. Was it deliberately done by the advertiser? Or, was the advertiser's machine compromised? We don't know that, but if you think about it, the fact that malicious code can be planted this way threatens to undermine the online advertising market.
How do we fix this one? Can it be fixed?
Other related posts:
Video: Kim Dotcom and Mathias Ortman at the IITP Mega breakfast
Two-factor authentication broken
The problem with naming and shaming
comments powered by Disqus