Slashdot Mirror
Some Bing Ads Redirecting To Malware
An anonymous reader writes "Security firm ThreatTrack Security Labs today spotted that certain Bing ads are linking to sites that infect users with malware. Those who click are redirected to a dynamic DNS service subdomain which in turns serves the Sirefef malware from 109(dot)236(dot)81(dot)176. ThreatTrack notes that the scammers could of course be targeting other keywords aside from YouTube. The more popular the keywords, the bigger the potential for infection."
Posting to undo accidental mod
People use Bing?
Laughter is the Spackle of the Soul.
...and for those of us who think that ads -are- malware, just targeted at a different processor, AdBlock still takes out two birds with one stone...
~ Whence do you come, slayer of men, or where are you going, conqueror of space?
...like Bing and Yahoo (whose search results come from Bing).
Yeah, it's not like the service itself is named Bing Ads, or anything.
Thanks to the War on Drugs, it's easier to buy meth than it is to buy cold medicine!
If your cpu is overworked by browsing 1 secure site, you might want to consider an upgrade.
I suppose you can be mad at Microsoft for not constantly scanning their customers, but "Bing ads" is still misleading in the usual headline sensationalism way...
Actually, you can't. A standard tactic is to serve regular, unmodified ads, to IP address blocks known to have businesses that to this. For example, the google crawler -- many websites will show different pages if you simply sub the user agent string in as Google; Bypassing compulsory registration, not displaying navigation ... adding piles of SEO words to the bottom of the page, and the list goes on.
Microsoft can't be expected to protect against stuff like this; Every website that allows javascript to be injected from a 3rd party website is equally vulnerable. And that's most of them; Including Slashdot; It has script links to rpxnow.com and fsdn.com. Hundreds of websites link into Google's ajax and analytics pages. A great many websites simply break if you disable 3rd party javascript.
So blame Microsoft if you want, but really, the people you want work at ORACLE.
#fuckbeta #iamslashdot #dicemustdie
I do it because as key lengths get longer, it is harder and harder to browse the HTTPS web using a telnet client. That is even with my pocket calculator nearby!
The actual article is here. TheNextWeb is a stupid site that doesn't work at all if you are not running Javascript. I choose to block most scripts, partly because.. a lot of ads are infected with malware. Yuk.
Never email donotemail@WeAreSpammers.com
That's a tautology.
"National Security is the chief cause of national insecurity." - Celine's First Law
Hey man, google STEALS your information! MS told me so. So that must mean that MS doesn't do that. I mean, they'd be HYPOCRITES otherwise. So I use Bing to keep my porn searches safe. My sexual attraction to boobs and butts will remain safe from the NSA.
Not defending Bing in particular here, but every ad network gets utilized to deliver ads by malicious parties. Every ad company you can think of has staff that work full time just to look for and filter out malicious ads. A pretty significant portion of all malware is delivered my ads that are unwittingly served by sites from Facebook to CNN or any other site you can think of.
Here's a nice link to a NIST report on the matter that you can get to once the government gets back to work. The problem goes back many, many years, so why on earth is this being reported as news?
I think the pertinent question is whether Microsoft or Google or Yahoo should responsible for the ads they show.
That's a very good question. Because the major search engines do not vet their advertisers very well. Google had to pay $500,000,000 to the USDOJ when they were caught willfully running ads for an obvious drug dealer. (No, it wasn't about "Canadian pharmacies". Some Google apologists tried to spin it that way, but the details came out.) Google has since clamped down. They had to; they were on DOJ probation for two years, with felony charges hanging over them. "Oxycontin no prescription" no longer returns ad results. Same for "viagra". Bing now pops up an "Is it legit?" box for searches like that.
Google's clampdown was narrow. Searches with "foreclosure" and "credit repair" have a high population of scammers. Financial search keywords carry a high price, because the marks can be taken for big amounts.
It's possible to measure basic advertiser legitimacy. We do that with SiteTruth, which tries to find the real-world business behind the ad. For over 30% of Google advertisers (by domain name), there's no identifiable real-world business behind the ad. (Running an anonymous business is illegal in some states and in the EU.) That's embarrassing, and highly profitable for Google.
When in doubt, blame Oracle. It works surprisingly often!