Slashdot Mirror
The Next Ad You Click May Be a Virus
Jay notes a Wall Street Journal report about ad networks unintentionally selling empty space to malware loaders (the link is to a syndicating site that doesn't require a subscription to view). The submitter comments: "The labeling of the fake ad sellers as hackers is pretty bogus; there's no hacking involved. Simply sign up for one of these networks, create your fake site, put up another company's creative, and you're good to go." The incidents being reported go back a few months, but the pattern of this criminal activity seems to be coming clear only recently."EWeek.com, a technology news site owned by Ziff Davis Enterprise, in February displayed an ad on its homepage masquerading as a promotion for LaCoste, the shirt maker. The retailer hadn't placed the ad — a hacker had, to direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
I mean really, its all just semantics (and semiotics) and we're all infected...cookie anyone?
/strokes adblock
While the internet is a wonderful thing; I can't help but wonder where did all of the douchebags come from. Every liar, cheat, grifter is taking their shot at fucking up the sandbox we all play in. Its all fun and games when windows users get hosed, but after awhile even that gets old. I am just a tired old man. It makes me sad that my poor view of humanity gets reinforced every time I turn around.
My coworkers and I have been dealing with AntiVirus XP and its variants for the past few months, and it seems to infect computers in exactly this way. Badvertisements. It's hardly a new phenomenon, but it's nice to see the press pick up on it. Better late than never.
Web publishers say they have started limiting the number of companies they outsource their ad selling to and are working with security vendors, such as San Francisco-based ClickFacts, to detect malicious software on their networks and remove it as quickly as possible.
I'm impressed! The Wall Street Journal talked to every Web publisher and got them to agree to do this. We should send Emily to go negotiate peace in the middle east.
...having that "Disable Advertising" checkbox from Slashdot :)
"As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising. "
Thank you for preventing my Gentoo Linux system for being infec...
Oh, wait...
Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.
Wait, they are just now realizing this? And here I had thought this was common knowledge, and that they were actually doing something to fight it.
No wonder I couldn't see anything being done about it.
Welcome to 1990 when Al Gore invented the intertubes.
from 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
to 45 2F 6E 40 3C DF 10 71 4E 41 DF AA 25 7D 31 3F
... who clicks ads? (other than for click fraud purposes)
Or it may win you ... A NEW CAR.
Are you prepared to take that risk?
Hmm ... that's not appearing like it should. It's spelt B-L-I-N-K, right?
Another company's "creative?" What the hell does that mean? Is it some industry term for "crappy banner ad?"
Ads link to malware sites?!? YAWN!
That was quite a loud yawn.
NEVER, NEVER, NEVER, I REPEAT NEVER EVER click an ad banner. If you see somthing you REALLY want to view get the source and go there in another browser window, but clicking thru an ad banner is somthing I can't ever remember doing in the entire time I've been on the net...
errr....umm...*whooosh* *whoosh* Is this thing on ?
We have a little something called Ad Block Plus.
After years of not using a signature, I am going to make one to say the following: Fuck Beta
"direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
.exe and .dll again, an exclusive Windows issue disguised as a "PC" issue.
Do these affect Linux or Apple PC's? I'm guessing it's the good old Windows
Why is it that areas where Microsoft want to portray a large market share (either exaggerated by reports from shills or real) they have the words Microsoft and Windows all over the stories, yet when it's something they have an almost 100% market share on (malware compatibility and vulnerability), there's no mention of either Microsoft or Windows; it's all just PCs.
FAO the Microsoft Astroturfers, it was a rhetorical question but feel free to do your job and mod me down for pointing out the obvious. Wait, Ziff Davis does ring a familiar bell, hmmmmm.
I've been cleaning crap off of computers installed by ad popups for the past year now.
Not clicking on banner ads isn't enough. For years I've been fine with letting any non-Flash banner ad through, but I a few months ago I finally installed Adblock after finding one too many PDF exploits being loaded through banner ad display code.
It works like this: You are minding your own business browsing some perfectly legitimate web site when suddenly you get a dialog box asking if you would like to execute the JavaScript in "this PDF document". There's no PDF in sight, no other windows, nothing else suspicious.
Oh, but you only get this dialog if you have JavaScript disabled in Acrobat (most people don't).
I'm being half-serious because I've always wondered how money is being made selling ads. No one I've asked has ever clicked an ad.
people do that?
not only is time travel possible, it's irrelevant.
It must be nice under the rock they've been living under for these past few years...
Since I installed AdBlock Plus (for purposes of lowing annoyance level), I've noticed as a very pleasant side effect that my malware infection level has dropped tremendously.
Barely need to run AdAware & SpyBot & co any more, and when I do [even when their definitions are fully updated], there's barely anything for them to find
I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics nonwithstanding.
It's anything but news. And I'm not even talking about shady scareware or "come to the page and you already signed an abo for 2 years and 160 bucks" scams.
Drive-by infection ad pages have appeared in noticable amounts about 2-3 years ago when iframe infections became en vogue. They were (and are) even actually quite professional, not just a copy of another company's page, they appear legit, but usually sell crap no person would actually want to buy (either overpriced or obviously bogus). But that's not the point. The point is to appear legit and like just some other page trying to hawk crap, so people don't wonder why someone would advertise a page with no content.
Not that the average user would wonder, but ...
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
You know, back in the good ol' days of yore, when the internet was young and so were we, we created a beautiful garden. We, the geeks, we came together and we built. We created flowerbeds and hacked away the weed so people could find a path through the wilderness, we invited other geeks to join us in our creation so they would maybe build something even greater on top of ours. We looked at it and saw it was stunning and beautiful, and we looked outside for the "others", the "mundanes", the average guy and we thought, wouldn't it be a great idea if they, too, could see how beautiful and magical it all is? Imagine, when we, a handful of geeks, can create such wonders, what miracles are waiting for us to see if we just let others join in the creation?
Sure, they were no gardeners, so we paved a few ways through our wonderland, lest they got their feet dirty on the muddy paths we used to walk on. And the people came. They came in, and they looked. Few wanted to create, actually, most just enjoyed the view (hey, how many gardening exhibits do you know where you can see exotic plants without having to pay admission?), some tried to plant but soon got fed up when they noticed they'd have to know a bit about gardening.
And of course, in came also the ones that find pleasure in destruction, who wanted nothing but to destroy the creations. We had to fence them in, we had to hire guards for our creations so they wouldn't get destroyed. Often enough, those guards were not good enough and quite a few beauties are no more.
Personally, I wonder if it was a good idea to unlock those doors and pave some ways.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
"The labeling of the fake ad sellers as hackers is pretty bogus; there's no hacking involved. Simply sign up for one of these networks, create your fake site, put up another company's creative, and you're good to go."
.swfs as well as what is refered to as "rich media" which is often a few lines of code pasted into a file (usualy the code sources to a javascript) that serves up a redirected ad from another location. When these files are uploaded the database scans for malware that could potentially harm a computer system. More often than not these files are automatically turned off when the ad server detects an issue and emails the network administrator of the issue (presuming that the database of malicious software has been updated by the service provider a la google, microsoft, etc). Yes, on occasion something sneaks through.
.js file swapped out with the malicious software. Since this file has already passed the initial security check- it is not always scanned again for any potential exploits etc.
well yes and no. What we are dealing with here is a combination of both hacker (as i will describe shortly) and con artist (which i will also describe shortly). Its not quite as easy as you think...
This problem extends well beyond ad networks- but first lets take a look at the ad serving software. The primary databases used for serving ads are DART (now owned by google), Atlas (now owned by microsoft), Zedo and OAS. Ads are uploaded into these databases in a variety of formats. Typically limited to Jpegs, gifs,
Now onto how media is bought and sold. Typically when a site is approached for a request for ads, the publisher will ask the "agency" or "network" for a credit check. This is wear the mechanics break down- more often than not. Salespeople, especially green ones who (like most sales people) are both anxious to close a deal on remnant space AND are not aware of the ad serving technology and the potential for malicious intent, will cut corners and get the ads up. When these ads come in, they are loaded into the server- 99% of the time as real properly functioning ads. They click to the right locations and pass through the ad serving security services. A couple of days later, as the ad has been serving fine, the redirected urls (typically something like ads.somewebsite.com/324234/adserver/creative.js) have their
So- the quick solution is having ad networks and publishers take accountability for their sales people. It does not take much effort to find out if a "agency" can be trusted. I had one company recently try to pass of malicious ads but we traced their address back to a pizza parlor in LA (obviously a fake) after realizing no credit check was run. Second, and most important will be the methods of security taking by the major ad publishing softwares. Unfortunately, if you know anything about working with ad servers- critical updates move about as fast as html5 development (sllloooowww).
This is a good reason to block all ad sites at your corporate firewall. You'll probably cut your Internet bandwidth usage in half, too.
This term is used in all forms of advertising.
Why am I not surprised that this word is invented by a marketroid?
They want their headline back!
AdBlockPlus FTW!
Imagination drew in bold strokes, instantly serving hopes and fears, while knowledge advanced by slow increments...
To be honest, "fake" ads dragging you to a hateful, malware-spewing website is rather tame. The real fun was the banner ads that infected you directly, simply by viewing the flash.
*Sigh*
Just another reason to use adblock and noscript.
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
So say someone clicks an ad at a reputable site to support them, which is actually malware which does 'software' damage(lost productivity, loss of PC uptime, etc) to a users PC by injecting something. Who becomes responsible? The end user? The content provider? Ad provider? Guy making the malware? Everyone? Last 3 people in the chain?
Answers to this? I realize those of us in the /. crowd are technically inclined, but the average person isn't. I really do start to expect heads to start rolling over this.
Om, nomnomnom...
That's what you get for clicking on ads. If I see something interesting I type the name of the company myself.
Because I sure as Hell ain't clicking on any ads, Honey. I blame the virus. I'm going to go dispose of these bad bad magazines right now.
The rest of us don't have to worry about this nonsense. If it bothers you, get a mac. They don't have this problem. Instead, we just click merrily away at any old thing that catches our interest for a moment. You would like it. It's called browsing.
Help stamp out iliturcy.
I know there were plenty of scammers specifically targeting Final Fantasy XI community sites with these types of exploits to nab account details from players (and I'm sure WoW and all the other major MMOs were targeted as well). IIRC, that kind of activity was heaviest throughout 2007 and into early '08, although it seems to have died down a lot lately. Folks who got infected found their accounts getting hijacked, with their in-game money and valuables being shuffled off to mule accounts, where they're in turn sold off for real money.
All the more reason to use things like Adblock Plus, FLashblock, and NoScript (if you're using Firefox that is). I haven't seen an ad on my home or work computers in months.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
...the next ad you click? Do people still do that?
I haven't even seen an ad in years...what am I going to click on that's not there?
(Firefox-since 0.8ver.-before it was called Firefox, Adblock [plus], noscript, and flashblock)
Does this advirus run on Linux?
(kubuntu 5.04 thru 9.04-presently)
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
... "viral" marketing! Oh, honey, trust me, I'm not infected. I'll lick your abs if you click my ads!
Intellectual Property: an immaterial non-entity, most fiercely contended by those with no proper intellect to speak of.
In case you did not know it: Average click-rates of ads on the Internet are even below the number of random clicks that people do in error. I know, because I worked at a large company, and my colleagues studied exactly that.
0.1% click rate is something, that ad companies will open bottles of champagne about. Usually it's much less.
Which can mean both, that ad-blockers are used more and more, and that people subconsciously click less on ads, even when they did not want to click there.
In my eyes, all ad clicks on the net are such unwanted clicks, (and company-own-bots making some cash, ) and the whole industry is fake.
The biggest joke is, that as those prices, they could also bill the user trough a micropayment. Because if I remember it correctly, 1000 clicks costed roughly 50 €. At 0.05% click rate, this is:
50 € / 1000 clicks * 0.0005 (click rate) = 0.000025 € / page-view = 400 page views per cent that you pay.
Now that is a price that we all can live with, isn't it? Hell, I would pay ten times that, and still be ok with it.
All we need, is some micropayment system that can track all our page views, across all servers... Oh, wait!
Any sufficiently advanced intelligence is indistinguishable from stupidity.
As a house call tech, I eventually just made up some little 3 inch stickers to put on my customer's monitor: NEVER CLICK ON ADS. Best antivirus tool ever.
~Just as a thing fails if it lacks a kernel, so too it fails if it lacks a skin. ~ Rumi, Discourses
I think you got modded down because your posts read like Timecube.
The name is Lacoste, due to the fact it was founded by legendary tennis player René Lacoste.
Hardly surprising coming from a nation who think McDonalds is a restaurant instead of a burger bar.
Well it sure is a good thing Slashdot just let me disable their ads!
What timing, I tell ya...
[mods, please don't mod this one up beyond 1. I'm not using my karma bonus either, as I don't want anyone coming across the whole open post at work, without seeing the warning first, just in case there's a humorless censor policy involved. But I stand by my posts and therefore it's not AC. If I lose a potential job as a result, so be it, I'd be unhappy working there anyway.]
I expect all cookies are "tracking cookies" to the malware detector, tho it may not see the per-session cookies at all, because most browsers keep those in memory only -- they never hit disk.
FWIW, for cookies, a decent browser these days allows per-site choice. You set a default (which is off, here, or ask, I'd never consider on a valid cookie default), and then have per-site exceptions. For ask, the default answer to the prompt should then be no, with the remember my choice set, so it remembers it for that site. In this way, in a week or two, the sites one normally makes the rounds of are already set and the level of bother drops dramatically.
Another option that helps is the turn all cookies into session cookies option (IOW, don't honor the expires tag, since no tag is assumed by convention to mean session only). The way I work it here, I have privoxy set to session cookies only, thus stripping the expires tag off of all cookies it sees (it doesn't handle https at all, passing it straight thru unfiltered, so those cookies get thru with the expires tag intact.) Then I set the browser's cookie options as I want, normally off with exceptions tho that's not so critical now, and don't worry about it, because they'll all be forgotten at the end of the session anyway. If I want a particular site's cookies saved, I set an exception in privoxy first, so the cookies for that site now come in with expires tags, and then set the browser options to save cookies for that site (the option can usually handle downn to specific URLs if desired, but per-site is generally good enough and much less management hassle).
If all cookies are treated as session cookies, it eliminates the cookie issues on shopping sites and the like, but login cookies aren't saved between sessions, so you have to login once every new browser session.
FWIW on the condoms thing, it's simply the oil vs water based lube deal. Oil eats rubber, so for both condoms and rubber/silicon/plastic sex toys, oil-based lubes, including vaseline, are a no-no. Water based lubes such as the various glycerin/water based lubricating jellies (KY, and most of the stuff you'd see at sex shops these days too, since oil damage to both condoms and toys is well known in the industry, and it can be a literally life and death thing when you're depending on that condom to prevent AIDS) are fine with rubber, etc. However, water/glycerin based tends to dry out faster than oil under conditions where lube may be needed in the first place, and applying more can make it too thick after awhile, so if that is found to be an issue, rather than going back to oil as one may be tempted to do, consider simply keeping a squirt bottle of water or water pre-thinned lube around, to renew the moisture level only, when necessary.
Wow, I feel like I was just browsing around, and just came across and edited a wikipedia article on some kink or another now, for some reason! =:^)
Duncan
"Every nonfree program has a lord, a master,
and if you use the program, he is your master."
R Stallman