Search
Virus Protection

PC Tools Spyware Doctor w/ Antivirus v6.0 FREE DOWNLOAD and VIRUS SCAN      Stopzilla Download - Get Rid of Spyware, Viruses, and Adware Today!

Malware delivered by Yahoo, Fox, Google ads – CNET

March 22nd, 2010 | Author: admin

These charts show incidences of malware distributed by a number of ad delivery platforms over a six-day period last month that were detected by Avast. Yahoo and Fox have the highest counts.

(Credit: Avast)

Malware that exploits holes in popular applications is being delivered by big ad delivery platforms including those run by Yahoo, Fox, and Google, according to Prague-based antivirus firm Avast.

Viruses and other malware were found to be lurking in ads last year on high-profile sites like The New York Times and conservative news aggregator Drudge Report.com, and this year on Drudge, TechCrunch and WhitePages.com. The practice has been dubbed "malvertising."

Now, researchers at Avast are pointing fingers at some large ad delivery platforms including Yahoo's Yield Manager and Fox Audience Network's Fimserve.com, which together cover more than 50 percent of online ads, and to a much smaller degree Google's DoubleClick. In addition, some of the malicious ads ended up on Yahoo and Google sites, Avast claims.

"It's not just the small players but the ad servers connected with Google and Yahoo have been infected and served up bad ads," said Lyle Frink, public relations manager for Avast.

The most compromised ad delivery platforms were Yield Manager and Fimserve, but a number of smaller ad systems, including Myspace, were also found to be delivering malware on a lesser scale, Avast Virus Labs said.

Found in ads delivered from those networks was JavaScript code that Avast dubbed "JS:Prontexi," which Avast researcher Jiri Sejtko said is a Trojan in script form that targets the Windows operating system. It looks for vulnerabilities in Adobe Reader and Acrobat, Java, QuickTime, and Flash and launches fake antivirus warnings, Sejtko said.

Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser, Avast said.

Since the malware started spreading in late December, Avast has registered more than 2.6 million instances of it on customer computers. Nearly 530,000 of those were from Yield Manager and more than 16,300 from DoubleClick, Sejtko said.

"The Google portion of JS:Prontexi is quite small and has gotten visibly even smaller as they have taken steps to improve the situation," Sejtko said. "That is not the case with Yahoo and Fox."

Representatives from Fox and MySpace declined to comment.

A Yahoo representative confirmed the report and said it was investigating the situation, but didn't provide much information. "We have identified the creatives in question and are working to make sure they been deactivated in our system," the company said in a statement.

"Yahoo is deeply committed to providing a high-quality experience for users, advertisers, and publishers. We expect our members to support and abide by our standards and guidelines around acceptable ad content and behavior," the statement said. "On the rare occasion that an ad is served that is in conflict with our expectations and guidelines we take action to remove it as quickly as possible."

A Google spokesman said the company had discovered malware in ads from DoubleClick on its own and halted them. "In this case, we stopped several of the ads in question on the same day, independent of this report," he said.

"When our automated system is able to identify a problem, we immediately stop serving the affected ads, and then work to refine our security measures to help capture and disable similar ads for all DoubleClick publishers and advertisers," the company said in a statement.

"DoubleClick's ad serving products maintain a security monitoring system that screens ads and is constantly adapting to respond to new developments, yet publishers are in control of what ads they serve when using DoubleClick services," the Google statement said. "We encourage publishers to maintain good quality processes, especially in terms of the networks and advertisers they deal with, and we provide tips and tricks at http://anti-malvertising.com/tips-for-publishers."

However, the Google spokesman said it was highly unlikely that malware was served on Google, adding that DoubleClick ads do not run on Google search.

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Posted in Computer Security

Comments are closed.

RSS Virus Removal Help
  • Zlob Downloader Trojan
    Do You need help with the zlob trojan virus? Here we have compiled a little info for you about the dangers and effects of the computer trojan, and also have resources for removal tools. […]
  • Smitfraud C Will Hijack Your Background on Your Computer! Read This to Stop It!
    Has the image on your desktop changed to something that you are completely unfamiliar with? The virus known as Smitfraud C could be the cause of something like this. We have the solution to your problems! […]
  • Need to Remove Zlob? Read This First
    Zlob is no joke, and it can be a huge hassle to remove. If you have downloaded on your computer you will want to remove it quickly and have some sort of protection to keep it off. Read on for some tips and resources that I recommend... […]
  • SmitFraud Removal Tool - Know What is Real and Fake!
    Do you have smitfraud and a program called SmitFraudFixTool has been bugging you to download and buy a program to remove the Smitfraud Downloader? You Need to read this article to find out why this program is fake! […]
  • Virtumonde Virus - How Do I Remove Virtumonde Once and For All?
    Virtumonde is a horrible and very aggressive computer virus that is prevalent online today. If you have this virus you need to remove it as soon as you can to stop serious PC problems. […]
services
Virus Removal

Contact Us | Privacy Policy
Copyright © 2009 Win32 Virus Removal | All Rights Reserved | Jade Theme by dkszone.net

Powered by WordPress

Powered by Yahoo! Answers