Forbes.com serves malware if you disable your adblocker

Many web publications have decided to ask readers kindly to disable ad blockers if you visit their site with adblock on. For a publisher that relies on advertising (instead of donations like we do) it makes sense to have users turn the adblock off, their income from advertisers is dwindling and they wish to stop it. For a reader, however, there may be other reasons for using adblock than just to avoid ads. Any ad network today is indistinguishable from malware and exploit kits as I've said before, they have obfuscated js, hidden iframes, many forked redirects, invasive tracking, suspicious TLDs, control data in the URLs... Ad blockers are used as much for privacy reasons as security reasons.

Ironically, Brian Baskin digital forensics expert with a security bent at Ghettoforensics.com found himself fed malware when he obeyed Forbes plea to turn off Ad Blocker. We couldn't recreate this issue when we tested surfing Forbes sans adblock, so it's likely it was a simple undetected malware banner or snippet of javascript that snuck in via the ad networks, as is usually the case. For the end reader it doesn't matter one iota if Forbes intended to do this or not, the damage has already been done. The Economist didn't mean to infect their readers with malware either, but they did.

As I said waaaaaay back in 2007, if ad banner networks don't clean up the malware mess that exists in their networks, as I stressed it's really important they fix that issue, web users will take action and block all ads. However, now I believe it is simply too little, too late, and web users are doing the right thing in using ad blockers. The ad banner networks had more ten years to get their shit together, they've made more money than the publishers on all of these ads, and they haven't invested in malware detection - but we see them on yachts in Cannes every year. While ad blocker has started an "acceptable ads" program, Apple and other device creators are blocking ads on their devices, and some mobile phone operators are swapping out ads seen on their devices with ads they sell on their own network. Either way, the publisher whose content you are reading is the last person to get a chip off all of that ad money - so ad block and subscribe or donate to support your web watering holes.

We tried to reach out to Forbes for a comment but their contact page is a 404 (archive)src="adland.tv/dblock-launches-acceptable-ads-program-lets-you-say-ok-some-ads/1013858498">as I've said before, they have obfuscated js, hidden iframes, many forked redirects, invasive tracking, suspicious TLDs, control data in the URLs... Ad blockers are used as much for privacy reasons as security reasons.

Ironically, Brian Baskin digital forensics expert with a security bent at Ghettoforensics.com found himself fed malware when he obeyed Forbes plea to turn off Ad Blocker. We couldn't recreate this issue when we tested surfing Forbes sans adblock, so it's likely it was a simple undetected malware banner or snippet of javascript that snuck in via the ad networks, as is usually the case. For the end reader it doesn't matter one iota if Forbes intended to do this or not, the damage has already been done. The Economist didn't mean to infect their readers with malware either, but they did.

As I said waaaaaay back in 2007, if ad banner networks don't clean up the malware mess that exists in their networks, as I stressed it's really important they fix that issue, web users will take action and block all ads. However, now I believe it is simply too little, too late, and web users are doing the right thing in using ad blockers. The ad banner networks had more ten years to get their shit together, they've made more money than the publishers on all of these ads, and they haven't invested in malware detection - but we see them on yachts in Cannes every year. While ad blocker has started an "acceptable ads" program, Apple and other device creators are blocking ads on their devices, and some mobile phone operators are swapping out ads seen on their devices with ads they sell on their own network. Either way, the publisher whose content you are reading is the last person to get a chip off all of that ad money - so ad block and subscribe or donate to support your web watering holes.

We tried to reach out to Forbes for a comment but their contact page is a 404 (archive)src="adland.tv/anner-hijacking-still-going-strong-adrants-now-victim-uplothario-campaign">2007, if ad banner networks don't clean up the malware mess that exists in their networks, as I stressed it's really important they fix that issue, web users will take action and block all ads. However, now I believe it is simply too little, too late, and web users are doing the right thing in using ad blockers. The ad banner networks had more ten years to get their shit together, they've made more money than the publishers on all of these ads, and they haven't invested in malware detection - but we see them on yachts in Cannes every year. While ad blocker has started an "acceptable ads" program, Apple and other device creators are blocking ads on their devices, and some mobile phone operators are swapping out ads seen on their devices with ads they sell on their own network. Either way, the publisher whose content you are reading is the last person to get a chip off all of that ad money - so ad block and subscribe or donate to support your web watering holes.

We tried to reach out to Forbes for a comment but their contact page is a 404 (archive)src="adland.tv/dblock-launches-acceptable-ads-program-lets-you-say-ok-some-ads/1013858498">as I've said before, they have obfuscated js, hidden iframes, many forked redirects, invasive tracking, suspicious TLDs, control data in the URLs... Ad blockers are used as much for privacy reasons as security reasons.

Ironically, Brian Baskin digital forensics expert with a security bent at Ghettoforensics.com found himself fed malware when he obeyed Forbes plea to turn off Ad Blocker. We couldn't recreate this issue when we tested surfing Forbes sans adblock, so it's likely it was a simple undetected malware banner or snippet of javascript that snuck in via the ad networks, as is usually the case. For the end reader it doesn't matter one iota if Forbes intended to do this or not, the damage has already been done. The Economist didn't mean to infect their readers with malware either, but they did.

As I said waaaaaay back in 2007, if ad banner networks don't clean up the malware mess that exists in their networks, as I stressed it's really important they fix that issue, web users will take action and block all ads. However, now I believe it is simply too little, too late, and web users are doing the right thing in using ad blockers. The ad banner networks had more ten years to get their shit together, they've made more money than the publishers on all of these ads, and they haven't invested in malware detection - but we see them on yachts in Cannes every year. While ad blocker has started an "acceptable ads" program, Apple and other device creators are blocking ads on their devices, and some mobile phone operators are swapping out ads seen on their devices with ads they sell on their own network. Either way, the publisher whose content you are reading is the last person to get a chip off all of that ad money - so ad block and subscribe or donate to support your web watering holes.

We tried to reach out to Forbes for a comment but their contact page is a 404 (archive)

Adland® is supported by your donations alone. You can help us out by buying us a Ko-Fi coffee.
Anonymous Adgrunt's picture
comment_node_story
Files must be less than 1 MB.
Allowed file types: jpg jpeg gif png wav avi mpeg mpg mov rm flv wmv 3gp mp4 m4v.