Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google's Doubleclick Ad Servers Exposed Millions of Computers To Malware

Posted by timothy on from the but-zedo-is-awesome dept.

wabrandsma (2551008) writes with this excerpt from The Verge: Last night, researchers at Malwarebytes noticed strange behavior on sites like Last.fm, The Times of Israel and The Jerusalem Post. Ads on the sites were being unusually aggressive, setting off anti-virus warnings and raising flags in a number of Malwarebytes systems. After some digging, researcher Jerome Segura realized the problem was coming from Google's DoubleClick ad servers and the popular Zedo ad agency. Together, they were serving up malicious ads designed to spread the recently identified Zemot malware. A Google representative has confirmed the breach, saying "our team is aware of this and has taken steps to shut this down."

8 of 226 comments (clear)

  1. And they wonder why I block ads... by Derekloffin · · Score: 5, Insightful

    It is stuff like this that just demonstrates how annoying the internet ad delivery mechanisms are. Not only are they intrusive, bandwidth wasting, and often impairing my user experience, they can also spread malware.

    1. Re:And they wonder why I block ads... by UnknownSoldier · · Score: 5, Insightful

      Indeed.

      My hosts file (across my Windows, Linux, and OSX) machines have been using the excellent MSVP hosts (http://winhelp2002.mvps.org/hosts.htm) for years.

      Plus, it speeds up internet browsing instead of having the browser ping 10+ different domains.

    2. Re:And they wonder why I block ads... by amiga3D · · Score: 5, Funny

      I always though doubleclick was a malware site. You mean it's not? Or it wasn't but now it is?

    3. Re: And they wonder why I block ads... by Anonymous Coward · · Score: 5, Informative

      Just use adblock+. It is much faster.

    4. Re:And they wonder why I block ads... by TubeSteak · · Score: 5, Informative

      Sometimes pages serves content from a different domain but that is rare enough to manage manually.

      Not anymore.
      Far too many sites (/. included) have or use a CDN for content.
      And they will fetch at least half a dozen scripts for bookmarking/sharing with facebook/linkedin/tumblr/twitter/pinterest/googlehangouts/etc
      Then, they'll try and fetch a non-zero number of tracking/website monitoring scripts.

      Ghostery says http://slashdot.org/images/njs.gif is a 1x1 pixel tracker for WebTrends.

      --
      [Fuck Beta]
      o0t!
  2. And there's the reason why... by Anonymous Coward · · Score: 5, Insightful

    I use Adblockers / flashblocker and NoScript.

    And I utterly will not reconsider for any reason.

  3. No surprise by networkzombie · · Score: 5, Interesting

    I have been blocking doubleclick on the corporate firewall for years, and in every hosts file I come in contact with. No one ever complained, but now if they do, I have ammunition. If you serve up a web site, you should personally vouch for not only the product you are advertising, but the source of the advert as well. I blame Google for placing advertising dollars above their users (I know, they don't have users, they have sheep for fleecing).

  4. Ad Blockers... by Dega704 · · Score: 5, Informative

    One of the best endpoint security tools you can deploy.