Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

I got hit by this -- djf Warning: New York Times ad system antispam contamination continues

From: David Farber <dave () farber net>
Date: Sun, 13 Sep 2009 17:35:22 -0400


Begin forwarded message:

From: Lauren Weinstein <lauren () vortex com>
Date: September 13, 2009 4:19:25 PM EDT
To: dave () farber net
Subject: Warning: New York Times ad system antispam contamination continues 


Greetings.  The New York Times ad delivery system has apparently been
contaminated by some form of illicit antispam ad injection exploit.  I
first saw this upon clicking a NYT home page story link yesterday on
one machine, and a few minutes ago was hit again via a different NYT
home page story link on a completely different local computer:

Here's a screen capture: http://bit.ly/m04qo

Early today the Times posted a note regarding this problem
( http://www.nytimes.com/2009/09/13/business/media/13note.html?hp - but
clicking on this link may also trigger the beast!), though it was not
made particularly clear that the contamination is *ongoing* and that
the Times had not yet successfully cleansed their ad system.

It is not immediately obvious how dangerous the pop up is (just an
insistent, hard to kill ad?  A virus?  Or?), but as usual in these
situations clicking on them in any form (even to "Cancel" or "Close")
is unwise.
Depending on your browser and configuration, you may not be able to close 
you browser at all, and even killing the browser process may result in
being returned to the same contaminated state the next time you start your 
browser (in my case, this was all under Firefox).

The best recommendation if you hit this beastie is to immediately
reboot your system.  If on your next browser start you get an error
from your browser, discard any existing sessions and start a new
session if possible.

Hopefully the Times will really get this fixed sometime soon,
regardless of the problem's initial origin.  Until then, clicking on
any New York Times links should be carefully considered.

--Lauren--
Lauren Weinstein
lauren () vortex com
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
  - People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
  - Network Neutrality Squad - http://www.nnsquad.org
Founder, GCTIP - Global Coalition
  for Transparent Internet Performance - http://www.gctip.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Twitter: https://twitter.com/laurenweinstein






-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: