Slashdot Mirror


Malware Delivered By Yahoo, Fox, Google Ads

WrongSizeGlass writes "CNET is reporting that Avast has tracked over 2.6 million instances of malware that have been served up to unsuspecting web surfers since last December by ad services such as Yahoo's Yield Manager, Fox Audience Network's Fimserve.com and even some from Google's DoubleClick. Some high-profile sites include The New York Times, Drudge Report.com, TechCrunch and WhitePages.com. The practice has been dubbed 'malvertising.' I usually suspect the users of 'careless web activity' when I delouse a PC, but now I'm going to have to give some the benefit of the doubt."

21 of 319 comments

  1. Surprise! Oh, wait... by bhamlin · · Score: 2, Insightful

    Really, who is surprised by this? What's the cost of an ad and fake credentials compared to getting a chance to infect millions of computers?

  2. Re:Say No To Flash by somersault · · Score: 4, Insightful

    Say no to unsolicited content altogether! Adblockers ftw.

    --
    which is totally what she said
  3. Adblockers anyone by Galestar · · Score: 4, Insightful

    Yet another reason to use ad blockers. I'm starting to think Firefox should come with it out of the box.

    --
    AccountKiller
    1. Re:Adblockers anyone by Monkeedude1212 · · Score: 3, Insightful

      The problem is that a large amount of money on the internet is made through advertisements. If Firefox gains market share, and starts with adblocking, that's tons of revenue stream being cut off. Google makes a lot of money through advertising, and they seem to be the only ones pushing for progress right now. I don't know if I'd want to go and reduce their income.

      In Alberta - it's illegal to have a billboard on a highway. Based solely on the idea that it causes more accidents because billboards are distracting. This isn't a direct attack on the speed limit, a major factor, or alcohol, another major factor. Because attempting to control those other 2 factors would cause a huge upset.

      Same with internet advertising, you can't just stop it all and make the world a better place.

  4. Re:Yup....seen it. by tivoKlr · · Score: 5, Insightful

    Having been an IT admin in my former life, and also having operated in a similar fashion to you, allowing unfettered access to the internet for our employees (it was a Fire Department, and the staff was there for 48 hrs straight, so allowing them some creature comforts such as facebook and youtube was appreciated). Having solid, centrally managed AV on each client machine, along with limited local user rights seemed to be effective.

    I wish more facilities would take this tack instead of letting some firewall with a blacklist subscription slowly narrow the available internet to static sites that are considered "safe." True irony that advertising from some of these safe sites is now delivering payloads. Ironically, where I work now (not in IT), plenty of popup ads from news sites make it through, so I would assume we're vulnerable through this vector.

    --
    Ocean is land, covered with water.
  5. Adblocker by wisnoskij · · Score: 4, Insightful

    I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.

    --
    Troll is not a replacement for I disagree.
  6. Re:Much more profitable than click-throughs... by julesh · · Score: 2, Insightful

    > 1) Flash-based Banner Ad
    > 2) JRE Exploit (CVE-2008-5353)
    > 3) Adobe Reader Exploit
    > 4) Profit?

    From what I saw when this happened to me:

    1) Javascript-based banner ad
    2) MFSA2010-01 (or something similar that was present in Firefox 3.5.7)
    3) Mozilla extension to redirect links from google, yahoo and bing to a site of your choice
    4) Site that serves large numbers of per-impression banners for dubious porn sites
    5) Profit.

  7. Ars Technica by Anonymous Coward · · Score: 5, Insightful

    And Ars Technica says I shouldn't block ads.

    I repeatedly told their staff that I don't block Ars Technica, but I do block ad servers. If they want to send me ads let them serve them from their own domain.

    Sites responsible for ad-vectored infections should be hit with hundreds of small claims court lawsuits to recoup the costs to clean up the infections.

    Maybe then they'll learn.

  8. 'careless web activity' by John+Hasler · · Score: 3, Insightful

    > I usually suspect the users of 'careless web activity' when I delouse a PC...

    They are guilty of 'careless web activity': not blocking ads.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  9. Re:Yup....seen it. by Em+Emalb · · Score: 4, Insightful

    Obviously, the biggest hurdle we're having to deal with is user education. I've got a select few folks in various departments learning to work with ad-block and no script, but for the average person, it's hard to figure out what they need to unblock and what they can block with no ill effects. It's frustrating to them, and by extension, our helpdesk guys who end up fielding calls from the same people (over and over) with the same questions. Of course, the other issue we have is vendor lock in, with their stupid sites working correctly ONLY in IE. I hate that, but in my case (financial industry) it's so rampant there's nothing we can do about it except lock stuff down as best we can.

    That said...these large companies that aren't paying attention to the ads they're serving are just as at fault as any un-educated (or even educated) user is.

    --
    Sent from your iPad.
  10. Re:One lesson to learn by Anonymous Coward · · Score: 1, Insightful

    Two pieces:

    Ad blocking hosts file

    Flashblock

    Web browsing just got a whole lot faster.

  11. Make the Ads Safe by The+Angry+Mick · · Score: 4, Insightful

    > I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.

    Very good point, especially in light of Ars Technica's recent plea to users to stop blocking ads.

    I, too, would be more than willing to disable the protective measures I've got in place, but as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security, we have a stalemate. If sites want me to see their ads, they have the burden of making sure the ads are safe (less annoying, would also be good). If I lower my guard out of "friendship" for a site, only to get a drive by download as a reward, I'm going to take it as a major breach of trust.

    --

    I'm not tense. I'm just terribly, terribly, alert.

  12. Re:Yup....seen it. by ShadowRangerRIT · · Score: 2, Insightful

    Ouch. The two news sites I browse most often. Good thing I run AdBlock and NoScript, and I wrote myself a Greasemonkey script to rewrite all the internal links to point to the print-friendly (read: ad-free) versions of the articles.

    --
    $_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
  13. Makes it hard to meet them halfway by MikeRT · · Score: 3, Insightful

    They complain about advertising revenues while they are serving up ads that contain malware. To someone who hates ads to begin with, that's like saying "we know you don't enjoy crawling over broken glass, so how about crawling over glass mixed with AIDS-infected blood and barbed wire?"

  14. Re:ORLY? by John+Hasler · · Score: 2, Insightful

    Why don't you think that the top tier services should be held responsible for the results of their daisy-chaining? They got paid for handing you off.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
  15. Re:Yup....seen it. by Victor_0x53h · · Score: 3, Insightful

    I believe using TeaTimer would teach the average user to constantly click "Yes" without thought. As mentioned before this kind of security has a huge education barrier. I haven't run with TeaTimer since it was first introduced with Spybot, but my experience was pretty awful being prompted anytime anything was run.

    Also if TeaTimer prevents changes to the registry prompted by some piece of crapware, said crapware has already been executed. What else has it done; how much protection does blocking changes to the registry really provide?

  16. Re:One lesson to learn by commodore64_love · · Score: 3, Insightful

    > Yes because it is an established fact that Fox has no bias

    STRAWMAN ARGUMENT. I never said that. What I said was that CNN, MSNBC, ABC, CBS, et cetera have a pro-government and anti-individual-liberty bias.

    Point - They are ALL biased, therefore if you're going to attack FOX for bias, then you should be attacking all the TV media outlets for the same reason.

    --
    "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  17. Ad CDNs have been a nightmare by Coopjust · · Score: 3, Insightful

    Two weeks ago, someone asked me to reinstall Windows XP for them. Their disk was XP SP3.

    I reinstall, and open IE to visit Windows Update.

    Instantly, I get a Vundo variant from a malicious ad attacking the out-of-date Flash Player that came with XP that installs without any user intervention whatsoever.

    This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online.

  18. Re:The real defense line by ShadowRangerRIT · · Score: 2, Insightful

    Well, the browser can lower its own privileges just fine. IE8 (and IE7 IIRC) run with lower privileges than a normal user for that reason. Even if you tell it to execute as admin, it programmatically lowers its privileges at runtime.

    --
    $_ = "wftedskaebjgdpjgidbsmnjgcdwatb"; tr/a-z/oh, turtleneck Phrase Jar!/; print
  19. Re:Why I don't run ads by Seedy2 · · Score: 3, Insightful

    I saw the word "malvertising" and thought it was redundant. I have always considered ALL advertising to be malware. Including print and TV advertising. They are all an attempt to force me to view their message, which I neither want nor asked for, and block or delay me viewing what I want to see.

    --
    Nothing to say here... move along
  20. Remind me by sjames · · Score: 3, Insightful

    Why is it somehow un-ethical to block ads again?

    Perhaps it's a good idea for big sites with a reputation to maintain to borrow just a bit from the old model where they sell ad space with an approval process directly to advertisers and serve the images from their own servers.