Some Bing Ads Redirecting To Malware
An anonymous reader writes "Security firm ThreatTrack Security Labs today spotted that certain Bing ads are linking to sites that infect users with malware. Those who click are redirected to a dynamic DNS service subdomain which in turn serves the Sirefef malware from 109(dot)236(dot)81(dot)176. ThreatTrack notes that the scammers could of course be targeting other keywords aside from YouTube. The more popular the keywords, the bigger the potential for infection."
Posting to undo accidental mod
People use Bing?
Laughter is the Spackle of the Soul.
...ad hosting network (that happens to be used by major search providers) compromised to serve malware.
I suppose you can be mad at Microsoft for not constantly scanning their customers, but "Bing ads" is still misleading in the usual headline sensationalism way...
Nothing to be afraid of here, unless the same ads are placed beside Yahoo! search results.
Linux is for people who don't mind RTFM.
And we get the MS logo instead of the Borg Bill. :(
...and for those of us who think that ads -are- malware, just targeted at a different processor, AdBlock still takes out two birds with one stone...
~ Whence do you come, slayer of men, or where are you going, conqueror of space?
Proof that blocking all ads, web beacons, HTTP(S) referrer, and a host of other things is prudent. If a business needs ads, they need another model to make money.
I started using it a couple weeks ago because https is a useless waste of cycles. The one party you'd like to hide your searches from is NSAGoogle, and https doesn't do that. Bing gives your searches to NSA too, but at least they don't force you to use https and heat up your CPU for no good reason. Also, Google isn't simple and clean like it used to be, so Bing's pointless eye candy is no longer such a big disadvantage.
That said, I'm thinking of switching back to Google because Bing's maps suck. Also, when using Chrome you get Bing searches from typing in the URL bar instead of the URL.
I'm thinking I might try Firefox again too. Plainly, my once stable browser and search preferences are in a state of flux. This is almost entirely due to browsers and/or search engines chewing my CPU for no good reason.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Why not? .... Money is money .....
Aside from the other obvious reasons, such as "it looks awful" and "for the types of things I search for, it's vastly inferior to Google".
This is news somehow?
If your cpu is overworked by browsing 1 secure site, you might want to consider an upgrade.
Clicks on ads? They deserve to be infected with sirefef. Plus, it's job security for me. Sirefef is a piece of cake to remove for me, but my customers are dead in the water. Money is money.
I do it because as key lengths get longer, it is harder and harder to browse the HTTPS web using a telnet client. That is even with my pocket calculator nearby!
I started using it a couple weeks ago because https is a useless waste of cycles. ...
but at least they don't force you to use https and heat up your CPU for no good reason
What.
I had someone else trying to tell me that scp is slower because encryption slows the file transfer.
I.... I just don't know...
What the hell is going on?!
--
BMO
Perhaps you should consider upgrading from a 200MHz Pentium Pro. Just sayin'.
You are in a maze of twisty little passages, all alike.
What do they expect? Of course Bing is going to link to microsoft.com.
"National Security is the chief cause of national insecurity." - Celine's First Law
People use Bing?
Yes. More than a few software packages try to incorporate a Bing bar plug in and set the search engine/homepage to Bing. That includes some software that is not outright malware (well, at least not before they chose to make money on pushing toolbars).
DirectX install tries to peddle Bing Bar which is installed with default settings.
The actual article is here. TheNextWeb is a stupid site that doesn't work at all if you are not running Javascript. I choose to block most scripts, partly because.. a lot of ads are infected with malware. Yuk.
Never email donotemail@WeAreSpammers.com
I think the pertinent question is whether Microsoft or Google or Yahoo should be responsible for the ads they show.
Take any given major website, turn off AdBlockPlus, FlashBlock (or alternatives), and NoScripts (or alternatives). How many ads can you count that are of the nature: "Learn that 1 weird trick to lose 10 pounds" or "Enter your age to see if you qualify for money to go back to school" or "blah blah obvious scam".
They are everywhere. Now for me, I think much less of a website and the entity that owns it if they are serving these ads. I actually feel that if you get scammed through one of them it should be the website's fault for being party to a crime, because they served you the malicious ad.
If I had a brick and mortar business, and people paid me to stand inside my business and "demo products" or something, and you came in and got scammed, you would be pissed at my business. The business might also be liable.
Obviously the internet is different than meat space. Obviously you can't fix stupid. So who is responsible for serving a malicious ad?
Hey man, google STEALS your information! MS told me so. So that must mean that MS doesn't do that. I mean, they'd be HYPOCRITES otherwise. So I use Bing to keep my porn searches safe. My sexual attraction to boobs and butts will remain safe from the NSA.
Whatever your problem is, it's not with SSL.
AES-256 on my old laptop works at 65 MB/s. AES-128 goes at 90MB/s. This might be a bit of a problem if you've got a gigabit LAN and are using it to full capacity, but given that googling stuff amounts to about 24K there's no way that is making a noticeable difference.
only if you're looking to get Scroogled.
Well there's Steve Ballmer, Bill Gates, Steve Ballmer's mom, and Bill Gates' mom.......and that's about it.
Not defending Bing in particular here, but every ad network gets utilized to deliver ads by malicious parties. Every ad company you can think of has staff that work full time just to look for and filter out malicious ads. A pretty significant portion of all malware is delivered by ads that are unwittingly served by sites from Facebook to CNN or any other site you can think of.
Here's a nice link to a NIST report on the matter that you can get to once the government gets back to work. The problem goes back many, many years, so why on earth is this being reported as news?
That was my first thought, too. My second was, "People still use Windows?"
Good, inexpensive web hosting
Malware ads have NEVER occurred with Google!!!
lol
If you click on an AD, you pretty much deserve to be infected
You DO know that Microsoft hands over to the NSA everything from Bing too, right? And Windows. Which is the true goldmine of information due to the on by default 'customer experience program' data Windows reports... there's so much stuff buried in there. All about your PC. Your data. And what you DO all day. Oh but you can opt out of that... If you find the option. It's like the Where's Waldo option.
"People still use Windows?"
For certain values of "people".
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
Anything that sets anything on your computer without telling and asking in a way you what is happening is malware.
AOL.com gives better results than Bing, much to my surprise.
I started using it a couple weeks ago because https is a useless waste of cycles. ...
Dude, the tinfoil is only supposed to be used to make a hat, not a damn hole-less ski mask that also cuts off your oxygen.
Well it is. SSH protocol overhead is higher than the minimal TCP overhead on the data connection for an FTP transfer. Whether this is significant or not is a different issue, but the statement is strictly true.
I always thought bing was a malware....
I got infected with a fake antivirus program from an advertisement once. The weird part is that I was running an antivirus program too. Must've been a really new malware that the real antivirus program couldn't detect.
I ended up running Malwarebytes Anti-Malware and some other software to delete the malware. grr
It's like Bing is all growed up now! Somebody should buy the tyke some long trousers.
Most people these days who use Google use more than just the search feature, but that being said, even if you don't that is a phenomenally ridiculous reason to switch search engines from Google to Bing.
OK. You have to be trolling. You don't trust Google with your searches, but you do trust them with your entire computer. Excellent.
If you aren't trolling: News Flash: Google isn't protecting your data any less than Microsoft. If Google reports more, it means they are more honest. What you are doing is sleeping with the local whore who swears she never cheats on you because your ex-girlfriend "admitted" that she had sex against her will.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Surely if Bing gives you a link to Bing, then Bing is linking you to malware...
Right... Ok. Just like that magical kill switch that is sitting in all Windows OS's? You know, the one that hackers have continually found and exploited in the past decade. Or the credit card information that is also uploaded to MSFT -- the hackers have used that data stream too!
Chances are high that the data NSA gets is not from being 'inside' MSFT or GOOG or AAPL products, it's from sitting between them at major content distribution nodes around the net.
Bing is the superior search engine when it comes to porn. It's just like IE was better than Netscape for porn. It's like Bill Gates knew what we were really doing.
Doesn't everybody love Bonzi Buddy?
lose != loose
I like the daily pictures and they don't use redirects for exit links (unlike Google) so there's one less area where I'm being tracked.
Funny about his discovery while they're just running the "google put these ads in your email" scroogled TV spots...
Apparently. And they both just got... sbinged?
Bill Gates's mom is dead, you insensitive clod!
This just in: a freaking buttload of Google ads redirect to malware. If you want an example, type in "[insert name of any manufacturer or anything] support" into Google. 100% of the paid results are fakes, scams, or install malware. This has been true for years. Why don't they do anything about it? $$$$$$$$$ of course.
This is exactly why I use AdBlock to block ads. It's defense in depth. Ad networks can be another vector for infection.
I do when Google tries to be too helpful and fails to give me the results I actually want, assuming I mistyped.
Clearly most people have never used it, yet there seems to be a strong opinion that it's rubbish. I wonder how people know.
Except that these companies are "required" (as in, forced to do it and/or paying them off; legally or not) to turn over ALL information to the NSA. And, even then, the NSA hacks into their systems or related systems and takes whatever they want anyways. See the NSA using a MITM attack on Google recently as that's the most fitting example I can think of off the top of my head.
Because of this I was messing around and found the biggest act of defiance anyone or group can do is turn off cookies.
Yep. 4 of them to be exact.
Advertisers have risen from their graves to eat your brains. Stop them with adblock plus / edge, noscript and ghostery.
You know they are effective when advertisers call them the 'trifecta of evil' - http://www.makeuseof.com/tag/adblock-noscript-ghostery-trifecta-evil-opinion/
Oh, and if you happen to be an advertiser who is reading this comment, I have a very special message to you. Advertisers: please kill yourself. You failed out of your chosen field and profession and have become an advertiser. You have nothing to live for. Everyone hates you. Please, please kill yourself.
Clearly most people have never used it, yet there seems to be a strong opinion that it's rubbish. I wonder how people know.
I wonder how you know that "clearly most people have never used it". Oh wait, you just assume.
The strong opinion comes from those who used it, is that not obvious?
Most code worked pretty neat and fast on a Pentium II/III back in the days.. Just sayin'.
Except the crap in the "Promotions" label turns out to be third party crap listservs, wholly unrelated to nor which came from Google, that you signed up for when you ordered that new hard drive from Amazon or put your email address on that paper form when you signed up for your Staples Rewards card. This is random shit you would have appear in your inbox (assuming you aren't using filters) regardless of whom you choose your email provider to be.
Now, if Microsoft called it the "Screwhoo!" campaign, that'd actually have at least a tiny bit of truth to it. I used the Yahoo! Mail app on my Android device to check my Yahoo! Mail inbox for the first time in who-knows-when and there was an actual "sponsored" item at the top of my inbox that wasn't even email, but a direct advertising link! Screenshot.
It's an answer. One of two possibilities.
Is it possible that there's such a strong dislike of Microsoft on Slashdot that people will dismiss it as rubbish without actually trying it?
So, instead of "You're getting Scroogled!" ... which would be bad... now "You're getting put on the BingBus!" ?
Between the two, I'd rather just have a nice long comfortable scroogle, because apparently getting on the BingBus results in contracting a nasty STD (site transmitted download).
It's an answer. One of two possibilities. Is it possible that there's such a strong dislike of Microsoft on Slashdot that people will dismiss it as rubbish without actually trying it?
Ah, you mean on Slashdot, not in the general population. Sure, it's more than possible.
Some people are into that...
Bing ads that infect users Microsoft Windows computers with malware, shurly :)
I use it for Bing rewards. I have no loyalty to any particular search engine and if Microsoft's going to pay me to use theirs, so be it.
You have to be trolling. You don't trust Google with your searches, but you do trust them with your entire computer. Excellent.
Nope. I don't trust *anybody* so as long as it's all out there, I might as well not be wasting cycles. As for my machine being underpowered, bollox! I think there might be some dust impeding airflow, and it's a laptop and a pain to clean out. It's probably on its last legs anyway. Whether or not https is a major contributor, I don't know; but it can't hurt to get rid of it if I don't care because I'm actually *not* wearing a tinfoil hat as some people implied. I mean, if I were wearing tinfoil wouldn't I be running https through multiple proxies or something and not caring about how fast the browsing is? I mean, sheesh... you never know how a post is going to go over on Slashdot. I guess most of the pushback is from the fact that I'm a long-time Microsoft user (on the desktop, not servers), make no apologies for it, and never will.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Your programmers are too lazy to give me options that make things run efficiently, and I'm unwilling to shell out a few hundred dollars to accommodate your lazy programmers. We seem to have reached an impasse.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Yes. One of the bits of Malware changes your search selection to Bing so that it spreads.
"but the statement is strictly true."
There's "mathematically true" at arbitrary precision and then there's reality, where the difference is not even a rounding error when brought to 4 places.
Anyone who says that scp is slower than unencrypted, as if it makes a real difference in wall time, needs a slap.
--
BMO
That's typically fairly trivial though.
Now, if packet compression is occurring and you're sending highly compressible files...
Windows NT 3.5 could boot with 12MB of RAM. Think about that.
It probably didn't work well, but I was doing an experiment for fun because I had a stack of 1MB SIMMs and a little device that let you stack a bunch into a single memory slot. Nowadays, Solitaire probably can't run in 12MB of RAM.
You are in a maze of twisty little passages, all alike.
They're also advertiser owned/bought out (& do less 4 you) - Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C & load w/ OS + 1st net request resolver queried w\ 45++ yrs.of optimization):
---
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74
---
* "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein
(Browser addons do that, slowing browsers up - hosts, by comparison, don't)
---
A.) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Foxes guard a henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775
B.) Hosts add reliability vs. downed DNS & protect vs redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,
C.) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed DNS or vs. Kaminsky vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).
---
"Less is more" = GOOD engineering!
(Vs. slowing down SLOWER usermode browsers layering on MORE in addons which slow them down more: I work w/ what you have in kernelmode, via hosts - A tightly integrated PART of the IP stack itself)
APK
P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"
...apk
No. The pushback is because you made several ridiculous statements. Switching search engines because of HTTPS is a completely 90s thing to do. In 2013 it makes absolutely no sense whatsoever.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Switching search engines because of HTTPS is a completely 90s thing to do. In 2013 it makes absolutely no sense whatsoever.
Really? A lot of those hits are quite recent. I'm not strictly blaming https necessarily either. It might have something to do with the fact that I'm slinging everything through a HOSTS file, NotScript, and Flash blocker. Once again, I don't care about the bloody NSA or even some wanker who might want to say, "look at all that dude's gay searches" because I can't do anything about somebody who is really, Really, REALLY determined to frame me or embarrass me. Those are political issues, not technical issues. The Internet is a postcard. I care about performance and not having my machine bogged down with scripts, Flash, exploits, ads, etc. If not blocking those things makes the web unusable, and blocking them makes the web too slow, then I'm drawn towards a sad conclusion: The web is dead to me. Anyway, I digress. It's not stupid. The https may not be the actual problem; it might be the combination of https, Chrome, plug-ins, and Google's search pages. I don't care that much. Just because I'm a geek doesn't mean I find *all* technical problems interesting. If switching off https fixes it for reasons that have nothing to do with https itself, then fine. Now that that's settled, we can all get on with our lives.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Yes. Really. You don't seem to understand what you are reading. Those are discussions of overhead on the server side, and everyone who knows what they are talking about says the same thing: It is about 5% overhead. The idiot who looked at rendering the Apache "It Works" page has no idea how to benchmark. You are doing a search. Unless it adds milliseconds (and more than about 100 at that) you won't even perceive the difference. Or in other words, you won't even perceive the difference.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Well, I'd rather be Scroogled than Balmered any day.
Clearly most people have never used it, yet there seems to be a strong opinion that it's rubbish.
I tried it when it first came out. It was rubbish. Occasionally when Google goes haywire and gives me shit results I'll try Bing again... and get even shittier results. The last time I tried Bing, I was looking to find how to register for an ISBN. Bing's top result was a hardware store.
People think it's rubbish because they've tried it and seen that it's rubbish.
Free Martian Whores!
And yet, nevertheless, I perceived the difference. As Yogi Berra said, "In theory, theory and practice are the same. In practice, they aren't".
I've heard there are some issues with SSL on XP. It's not an issue when dealing with a bank where it's mostly text; but for images and maps it just didn't scale for me.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
OK, here's what I think *really* might have happened. Ready? Drum roll.... it was... TADA! Google's roll-out of https to everybody. Why do I think this? Because I just tried it and it seems quite snappy. I noticed the problem on the first few days of https being rolled out to me.
Was there a Chrome update? I don't know. Damned thing updates itself all the time. Did Google need to allocate a few more cycles to the task than they had initially thought? I don't know. I don't work for Google. Was the whole thing psychological, based on my perceptions when seeing "https" in the URL bar? Possibly. That's the only mental error to which I might admit here. There's no way to test all of this, unless somebody who works for Google would like to chime in.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
What the hell is going on?!
This was hashed out a bit in another thread below; although no real conclusion was reached. After reading a few other search results, I've seen some other people having trouble with their browser cache after the switch to https. I went back to Google searches and it worked at normal speed. Unfortunately, I don't actually recall when I last flushed my cache so I can't correlate it. In retrospect, that should have been my first course of action instead of reflexively blaming https.
I hope *some* people on Slashdot have a more open mind about things like this, and aren't just eager to make themselves feel good by being condescending. Sorry... that's not directed at you... just venting.
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Strange. When I typed "How to register for an ISBN" into Bing I got a page full of relevant results.