Seems I need to update the post Worst banner ad ever - system doctor takes over the browser as I've found more information, particularly this scary sounding article at the WSJ: Hackers Can Now Deliver Viruses via Web Ads. In this article one can smell the near death of online ads, for example:
Clicking on ads that appear in the sponsored-link results section of Web-search engines can also be very dangerous. Web-security firm McAfee Inc. found in May that 6.9% of sponsored links led to suspicious sites that might have automatically downloaded malicious software.
Ad Block Plus, but some people on the web are really unhappy about that constellation saying it's "is an infringement of the rights of web site owners and developers" and they'll send you to this page: "You've reached this page because the site you were trying to visit now blocks the FireFox browser". Heck, I'll even tell you to get Norton Internet Snakeoil which blocked "ad-rag.com" but not actual ad banner URL's over at apple.com, disney.com, iwon.com, monster.com and plenty more places (see post about us changing our domain name because of this), so that seems to be a true waste of money if some people can buy themselves off the Norton Internet Security blacklist. Who's to say one of these 'infected' ads won't slip through there? They slip through on my non-adblocked Firefox but so far - knock on wood - my Mac OSX is too weird for the .exe to plant itself in it and run. Probably only a matter of time, mind you, before these ads serve files designed for any operating system though. Surfing known "safe" sites won't help you - Report: Ad Networks Used to Infect Computers from Clickz reveals that the Drivecleaner "ad" even appeared on Friendster. These ads can appear anywhere there's banner ads.
While evidence of rogue networks exists, isolated occurrences of malicious ads are more common in Edelman's experience. In early June, he identified an ad for a product called DriveCleaner that ran on Friendster.com and was served through DoubleClick's DART servers. The ad attempted to take over Friendster and replace the URL in the address bar with another, according to Edelman. Symantec's security response database describes DriveCleaner as "a misleading application, which gives exaggerated reports of security and privacy risks on a computer. The program then prompts the user to purchase a registered version of the software in order to remove reported risks." DoubleClick declined to comment specifically on the Friendster.com example. The DART system does have procedures in place for situations where an unsuitable ad is served. "We very rarely come across cases like this," said Sean Harvey, senior product manager of the DART platform at DoubleClick. "As a technology provider, we have a strong support team. They contact us and we can put a SWAT team on it and shut it down in real time."
