Wednesday, March 24, 2010

Malvertising: Malware Delivered by Yahoo, Fox, Google Ads

Via CNET -

Malware that exploits holes in popular applications is being delivered by big ad delivery platforms including those run by Yahoo, Fox, and Google, according to Prague-based antivirus firm Avast.

Viruses and other malware were found to be lurking in ads last year on high-profile sites like The New York Times and conservative news aggregator Drudge, and this year on Drudge, TechCrunch and

Now, researchers at Avast are pointing fingers at some large ad delivery platforms including Yahoo's Yield Manager and Fox Audience Network's, which together cover more than 50 percent of online ads, and to a much smaller degree Google's DoubleClick. In addition, some of the malicious ads ended up on Yahoo and Google sites, Avast claims.

"It's not just the small players but the ad servers connected with Google and Yahoo have been infected and served up bad ads," said Lyle Frink, public relations manager for Avast.

The most compromised ad delivery platforms were Yield Manager and Fimserve, but a number of smaller ad systems, including Myspace, were also found to be delivering malware on a lesser scale, Avast Virus Labs said.

Found in ads delivered from those networks was JavaScript code that Avast dubbed "JS:Prontexi," which Avast researcher Jiri Sejtko said is a Trojan in script form that targets the Windows operating system. It looks for vulnerabilities in Adobe Reader and Acrobat, Java, QuickTime, and Flash and launches fake antivirus warnings, Sejtko said.

Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser, Avast said.


This isn't really breaking news, as this has been happening for at least the last two years pretty strongly. I remember my early days in Myspace....malware ads everywhere.

This story should serve more as a reminder to those that think they are safe because they only go to "safe sites" and only people going to "bad sites" get nasty malicious ads.

When it comes to malicious ads...there are no "safe sites". Patch now and patch often.

No comments:

Post a Comment