Hacking web banner networks sends banner ads from hated to feared

 
 
 

Hacking web banner networks sends banner ads from hated to feared

Seems I need to update the post Worst banner ad ever - system doctor takes over the browser as I've found more information, particularly this scary sounding article at the WSJ: Hackers Can Now Deliver Viruses via Web Ads.
In this article one can smell the near death of online ads, for example:

Clicking on ads that appear in the sponsored-link results section of Web-search engines can also be very dangerous. Web-security firm McAfee Inc. found in May that 6.9% of sponsored links led to suspicious sites that might have automatically downloaded malicious software.

Great, so buying a text-link at the top search result now may make your ad viewed with suspicion and most likely not clicked. That's not good. Also:

Ad networks, which distribute ads across the Internet, say they carefully review the companies from which they accept ads and use manual and automatic tools to scan for harmful code. Some companies have developed their own safeguards. Right Media, an online-ad exchange that uses automated systems to match buyers with sellers, last summer designed a system to block ads containing harmful material from entering its network. During its initial test in July 2006, Media Guard scanned more than 50,000 ads, putting each commercial through various tests looking for suspicious code. The scan discovered 17 different types of hidden viruses.

Yipes! So websites that just try to support their site with a few ads, join a reputable ad-banner group and suddenly serve viruses to their visitors?

I'd tell you to get Firefox and Ad Block Plus, but some people on the web are really unhappy about that constellation saying it's "is an infringement of the rights of web site owners and developers" and they'll send you to this page: "You've reached this page because the site you were trying to visit now blocks the FireFox browser". Heck, I'll even tell you to get Norton Internet Snakeoil which blocked "ad-rag.com" but not actual ad banner URL's over at apple.com, disney.com, iwon.com, monster.com and plenty more places (see post about us changing our domain name because of this), so that seems to be a true waste of money if some people can buy themselves off the Norton Internet Security blacklist. Who's to say one of these 'infected' ads won't slip through there? They slip through on my non-adblocked Firefox but so far - knock on wood - my Mac OSX is too weird for the .exe to plant itself in it and run. Probably only a matter of time, mind you, before these ads serve files designed for any operating system though.

Surfing known "safe" sites won't help you - Report: Ad Networks Used to Infect Computers from Clickz reveals that the Drivecleaner "ad" even appeared on Friendster. These ads can appear anywhere there's banner ads.

While evidence of rogue networks exists, isolated occurrences of malicious ads are more common in Edelman's experience. In early June, he identified an ad for a product called DriveCleaner that ran on Friendster.com and was served through DoubleClick's DART servers. The ad attempted to take over Friendster and replace the URL in the address bar with another, according to Edelman.

Symantec's security response database describes DriveCleaner as "a misleading application, which gives exaggerated reports of security and privacy risks on a computer. The program then prompts the user to purchase a registered version of the software in order to remove reported risks."

DoubleClick declined to comment specifically on the Friendster.com example. The DART system does have procedures in place for situations where an unsuitable ad is served.

"We very rarely come across cases like this," said Sean Harvey, senior product manager of the DART platform at DoubleClick. "As a technology provider, we have a strong support team. They contact us and we can put a SWAT team on it and shut it down in real time."


Even Microsoft has apologized for serving malware which is the scariest incident yet since the downloadable .exe file runs on, you guessed it, Microsoft.

The saddest thing is, that if this isn't nipped in the bud right now, banner ads will most definitely go the way of email advertising and die a lonely death while shunned from all mankind. These days legit websites can't send out password reminders without being accused of spamming, will the future bring a web where every animated gif is viewed with the same amount of suspicion? If the ad networks don't clean up now, anything that looks like ads will scare those once burned. Years ago paid links served in editorial content wigged me out as I thought peoples habit to click on links would drop once they've been fed ads instead of something relevant to the article. This however is much scarier. If this doesn't stop you might as well shoot the banner ad in the head right now and bury them next to the pop-up.

Adland: 

Add new comment

Top