Malware Delivered By Yahoo, Fox, Google Ads 319
WrongSizeGlass writes "CNET is reporting that Avast has tracked over 2.6 million instances of malware that have been served up to unsuspecting web surfers since last December by ad services such as Yahoo's Yield Manager, Fox Audience Network's Fimserve.com and even some from Google's DoubleClick. Some high-profile sites include The New York Times, Drudge Report.com, TechCrunch and WhitePages.com. The practice has been dubbed 'malvertising.'
I usually suspect the users of 'careless web activity' when I delouse a PC, but now I'm going to have to give some the benefit of the doubt."
Surprise! Oh, wait... (Score:2, Insightful)
Really, who is surprised by this? What's the cost of an ad and fake credentials compared to getting a chance to infect millions of computers?
Re:Say No To Flash (Score:5, Insightful)
Say no to unsolicited content altogether! Adblockers ftw.
Adblockers anyone (Score:5, Insightful)
Re:Yup....seen it. (Score:5, Insightful)
I wish more facilities would take this tact instead of letting some firewall with a blacklist subscription slowly narrow the available internet to static sites that are considered "safe." True irony that advertising from some of these safe sites are now delivering payloads. Ironically, where I work now (not in IT), plenty of popup ads from news sites make it through, so I would assume we're vulnerable through this vector.
Adblocker (Score:5, Insightful)
I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.
Re:Much more profitable than click-throughs... (Score:3, Insightful)
1) Flash-based Banner Ad
2) JRE Exploit (CVE-2008-5353)
3) Adobe Reader Exploit
4) Profit?
From what I saw when this happened to me:
1) Javascript-based banner ad
2) MFSA2010-01 [mozilla.org] (or something similar that was present in Firefox 3.5.7)
3) Mozilla extension to redirect links from google, yahoo and bing to a site of your choice
4) Site that serves large numbers of per-impression banners for dubious porn sites
5) Profit.
Ars Technica (Score:5, Insightful)
And Ars Technica says I shouldn't block ads.
I repeatedly told their staff that I don't block Ars Technica, but I do block ad servers. If they want to send me ads let them server them from their own domain.
Sites resposible for ad-vectored infections should be hit with hundreds of small claims court lawsuits to recoup the costs to clean up the infections.
Maybe then they'll learn.
'careless web activity' (Score:4, Insightful)
> I usually suspect the users of 'careless web activity' when I delouse a PC...
They are guilty of 'careless web activity': not blocking ads.
Re:Yup....seen it. (Score:4, Insightful)
Obviously, the biggest hurdle we're having to deal with is user education. I've got a select few folks in various departments learning to work with ad-block and no script, but for the average person, it's hard to figure out what they need to unblock and what they can block with no ill effects. It's frustrating to them, and by extension, our helpdesk guys who end up fielding calls from the same people (over and over) with the same questions. Of course, the other issue we have is vendor lock in, with their stupid sites working correctly ONLY in IE. I hate that, but in my case (financial industry) it's so rampant there's nothing we can do about it except lock stuff down as best we can.
That said...these large companies that aren't paying attention to the ads their serving are just as at fault as any un-educated (or even educated) user is.
Re:Adblockers anyone (Score:4, Insightful)
The problem is that a large amount of money on the internet is made through advertisements. If Firefox gains marketshare, and starts with adblocking, thats tons of revenue stream being cut off. Google makes a lot of money through advertising, and they seem to be the only ones pushing for progress right now. I don't know if I'd want to go and reduce their income.
In Alberta - it's illegal to have a billboard on a Highway. Based solely on the idea that it causes more accidents because billboards are distracting. This isn't a direct attack on the speed limit, a major factor, or Alchohol, another major factor. Because attempting to control those other 2 factors would cause a huge upset.
Same with internet advertising, you can't just stop it all and make the world a better place.
Re:One lesson to learn (Score:1, Insightful)
Two pieces:
Ad blocking hosts file [mvps.org]
Flashblock [mozilla.org]
Web browsing just got a whole lot faster.
Make the Ads Safe (Score:5, Insightful)
Very good point, especially in light of Ars Technica's recent plea [arstechnica.com] to users to stop blocking ads.
I, too, would be than more willing to disable the protective measures I've got in place, but as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security, we have a stalemate. If sites want me to see their ads, they have the burden of making sure the ads are safe (less annoying, would also be good). If I lower my guard out of "friendship" for a site, only to get a drive by download as a reward, I'm going to take it as a major breech of trust.
Re:Yup....seen it. (Score:3, Insightful)
Comment removed (Score:4, Insightful)
Re:ORLY? (Score:3, Insightful)
Why don't you think that the top tier services should be held responsible for the results of their daisy-chaining? They got paid for handing you off.
Comment removed (Score:3, Insightful)
Re:One lesson to learn (Score:3, Insightful)
Yes becasue it is an established fact that Fox has no bias
STRAWMAN ARGUMENT. I never said that. What I said was that CNN, MSNBC, ABC, CBS, et cetera have a pro-government and anti-individual-liberty bias.
Point - They are ALL biased, therefore if you're going to attack FOX for bias, then you should be attacking all the TV media outlets for the same reason.
Ad CDNs have been a nightmare (Score:4, Insightful)
I reinstall, and open IE to visit Windows Update
Instantly, I get a Vundo variant from a malicious ad attacking the out-of-date Flash Player that came with XP that installs without any user intervention whatsoever.
This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online.
Re:The real defense line (Score:3, Insightful)
Re:Why I don't run ads (Score:3, Insightful)
I saw the word "malvertising" and thought it was redundant. I have always considered ALL advertising to be malware. Including print and TV advertising. They are all an attempt to force me to view their message, which I neither want nor asked for, and block or delay me viewing what I want to see.
Remind me (Score:4, Insightful)
Why is it somehow un-ethical to block ads again?
Perhaps it's a good idea for big sites with a reputation to maintain to borrow just a bit from the old model where they sell ad space with an approval process directly to advertisers and serve the images from their own servers.