funsec mailing list archives
Hackers Can Now Deliver Viruses via Web Ads
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Thu, 19 Jul 2007 08:05:35 -0700
http://online.wsj.com/article/SB118480608500871051.html?mod=todays_us_market place Hackers Can Now Deliver Viruses via Web Ads By EMILY STEEL July 19, 2007; Page B1 Web ads are becoming a delivery system of choice for hackers seeking to distribute viruses over the Internet. In a development that could threaten the explosive growth of online advertising, hackers have started to exploit security holes in the online-advertising chain to slip viruses into ads. Just going to a site that shows such an ad can infect a user's computer. In May, a virus in a banner ad on tomshardware.com automatically switched visitors to a Web site that downloaded "malware" -- malicious software designed to attack a computer -- onto the visitor's computer. ScanSafe Inc., one of the first security firms to discover the virus, estimates the banner ad was on the site for at least 24 hours and infected 50,000 to 100,000 computers before Tom's Hardware removed it. After the incident, Tom's Hardware's parent, TG Publishing, was acquired by BestofMedia Group. The company says it won't discuss what may have happened under prior management. But a person familiar with the situation says that Tom's Hardware was unaware of the threat and that ads on the site were supplied by an outside server and likely appeared on a number of other Web sites as well. Users of an online forum hosted on the Tom's site discussed the case, with some people noting that their antivirus software had protected their computers and others lamenting that a virus had been downloaded onto theirs. Clicking on ads that appear in the sponsored-link results section of Web-search engines can also be very dangerous. Web-security firm McAfee Inc. found in May that 6.9% of sponsored links led to suspicious sites that might have automatically downloaded malicious software. "Not being able to offer a safe haven is one of the things that could stand in the way of reputable advertisers and dollars," says Scott Howe, president of Internet-ad network Drive Performance Media, a unit of Seattle-based aQuantive, which Microsoft Corp. recently agreed to buy for $6 billion. "That's the single biggest fear that many advertisers have....It has taken them a hundred years to build their brand, and it can be destroyed pretty quickly if they are not careful." ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Hackers Can Now Deliver Viruses via Web Ads Richard M. Smith (Jul 19)
- RE: Hackers Can Now Deliver Viruses via Web Ads Larry Seltzer (Jul 19)
- RE: Hackers Can Now Deliver Viruses via Web Ads Alex Eckelberry (Jul 19)
- Re: Hackers Can Now Deliver Viruses via Web Ads Gadi Evron (Jul 19)
- RE: Hackers Can Now Deliver Viruses via Web Ads Larry Seltzer (Jul 19)