Slashdot Mirror

← Back to Stories (view on slashdot.org)

Malware Installed by LiveJournal Ad

Posted by ryuzaki0 on from the egg-on-face dept.

Jamesday writes "LiveJournal recently introduced an ad-supported level. Over the last few days an advertiser used an ad to install the ErrorSafe malware that tried to trick people into believing they had a fault on the computer that needs them to purchase a fix. The ad used a server-side setting and targetted only those outside the US, to prevent LiveJournal's own checks from noticing it. LiveJournal has apologized for the ad and slow response." Even our readers have had to endure more than one browser-crashing ad campaign from time to time. Thanks for sticking around.

7 of 199 comments (clear)

  1. This isn't too surprising by Khyber · · Score: 5, Interesting

    I use an ad-supported LJ account, and the mentioned advertisement was made in flash. I had to deal with it a couple of days ago. Hoo-ray for security holes. Can't we just sue the ad company for unauthorized usage of our computer's resources?

    --
    Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    1. Re:This isn't too surprising by Khyber · · Score: 5, Insightful

      I don't see any part in the TOS or User-Agreement that states "By viewing this site you agree to have shit you don't want installed on your system by our supporting advertisers."

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  2. Re:Are there any humans around? by Anonymous Coward · · Score: 5, Informative

    What part of "The ad used a server-side setting and targetted only those outside the US, to prevent LiveJournal's own checks from noticing it. LiveJournal has apologized for the ad and slow response." did you not read?

  3. I know publishers hate ad-blockers... by BertieBaggio · · Score: 5, Insightful

    ... but they and the advertisers are the ones driving people to them.

    No seriously, is it any wonder people turn to ad-blockers? Try reading an informative bit of text when there's a Flash advertisement of box jumping around and flashing like a student at Mardi Gras. I don't care if you are trying to tell me I'm your millionth visitor. You misspelled congratulations! The box makes me wish I had no peripheral vision! FOAD.

    Now I know publishers want to make a buck (I have a few websites [sans-advertising] myself), but if the advertisers are going to use annoying/underhand methods, people will take steps to protect themselves. A lot of these companies would do well to look at the sort of program Google offers: inoffensive, targeted, text ads.

    In short: make your advertising better -- advertisers AND publishers -- or lose that which you supposedly value. Eyeballs.

    --
    If all you have is a grenade, pretty soon every problem looks like a foxhole -- MightyYar
  4. weak effort by v1 · · Score: 5, Insightful

    While it was good of them to pull the ad from the rotation immediately, they failed in several other ways:

    (1) they failed to post a notice or provide links for the removal of the malware. At best in the blog there are references that such removal instructions exist, peppered with a warning that some of them are actually malware themselves. They should have made the fix EASY and FOOLPROOF to obtain after getting their readers infected. It's been how long since they got their subscribers infected and they have done nothing more than to stop more of them from getting infected. They helped to break the computers, they should play an active roll in fixing them.

    (2) the impression I got from their posts in their blog was that "oops sorry not our fault, not our advertiser's fault, it's one of the ad companies that subscribed to our advertiser". This is a cop-out. When you provide a service like they do, your advertisement is a bundle that comes with your service, and as such you are responsible for its content. I don't care if it's a 3rd party. You take on the responsibility for the content you deliver, regardless of how you get it. You can have legal arrangements with your content providers that provide YOU with a legal remedy, but the grief passes through you. You get sued, and then you sue the ones upsteam that caused you to get sued. You do not "pass the buck" and point a finger up the chain three levels and say not my problem good luck getting anything out of them, because the consumer has no legal recourse against those people. You as the content provider do have a legal recourse against your advertiser, and they have recourse against their affiliate who caused the problem in the first place. This pass the buck mentality is cheap and lazy, and they should be ashamed for trying to pull it.

    --
    I work for the Department of Redundancy Department.
  5. Re:simple fix by vivek7006 · · Score: 5, Funny

    My simple fix for the security problems associated with Flash is to not install flash. Let's face it, 99.9% of flash is just obnoxious ads anyway

    Even better, just disconnect your computer from the internet. Who needs internet? Let's face it, 99.9% of internet is just obnoxious anyway.

  6. Re:Breaking News by Jacked · · Score: 5, Insightful
    People are instinctually selfish, and it will never change.

    Exactly, and that's not necessarily a bad thing. It is precisely because of self interest that others are willing to offer us their goods and services. One of my favorite quotes puts it much better than I can:

    "It is not from the benevolence of the butcher, the brewer, or the baker that we expect our dinner, but from their regard to their own interest." -- Adam Smith