Some Bing Ads Redirecting To Malware

An anonymous reader writes "Security firm ThreatTrack Security Labs today spotted that certain Bing ads are linking to sites that infect users with malware. Those who click are redirected to a dynamic DNS service subdomain which in turns serves the Sirefef malware from 109(dot)236(dot)81(dot)176. ThreatTrack notes that the scammers could of course be targeting other keywords aside from YouTube. The more popular the keywords, the bigger the potential for infection."

Re:Who's responsible for the ads served

[Animats]

I think the pertinent question is whether Microsoft or Google or Yahoo should responsible for the ads they show.

That's a very good question. Because the major search engines do not vet their advertisers very well. Google had to pay $500,000,000 to the USDOJ when they were caught willfully running ads for an obvious drug dealer. (No, it wasn't about "Canadian pharmacies". Some Google apologists tried to spin it that way, but the details came out.) Google has since clamped down. They had to; they were on DOJ probation for two years, with felony charges hanging over them. "Oxycontin no prescription" no longer returns ad results. Same for "viagra". Bing now pops up an "Is it legit?" box for searches like that.

Google's clampdown was narrow. Searches with "foreclosure" and "credit repair" have a high population of scammers. Financial search keywords carry a high price, because the marks can be taken for big amounts.

It's possible to measure basic advertiser legitimacy. We do that with SiteTruth, which tries to find the real-world business behind the ad. For over 30% of Google advertisers (by domain name), there's no identifiable real-world business behind the ad. (Running an anonymous business is illegal in some states and in the EU.) That's embarrassing, and highly profitable for Google.