Forgot your password?
typodupeerror
Security The Internet

The Next Ad You Click May Be a Virus 226

Posted by kdawson
from the simple-solution-suggests-itself dept.
Jay notes a Wall Street Journal report about ad networks unintentionally selling empty space to malware loaders (the link is to a syndicating site that doesn't require a subscription to view). The submitter comments: "The labeling of the fake ad sellers as hackers is pretty bogus; there's no hacking involved. Simply sign up for one of these networks, create your fake site, put up another company's creative, and you're good to go." The incidents being reported go back a few months, but the pattern of this criminal activity seems to be coming clear only recently."EWeek.com, a technology news site owned by Ziff Davis Enterprise, in February displayed an ad on its homepage masquerading as a promotion for LaCoste, the shirt maker. The retailer hadn't placed the ad — a hacker had, to direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
This discussion has been archived. No new comments can be posted.

The Next Ad You Click May Be a Virus

Comments Filter:
  • Aren't they all? (Score:4, Insightful)

    by Bob_Who (926234) <Bob@w[ ]net ['ho.' in gap]> on Monday June 15, 2009 @07:35PM (#28342281) Homepage Journal
    I mean really, its all just semantics (and semiotics) and we're all infected...cookie anyone?
    • Re:Aren't they all? (Score:5, Informative)

      by dean.collins (862044) on Monday June 15, 2009 @07:54PM (#28342445)

      As a content provider (I'm the founder of http://www.livebaseballchat.com/ [livebaseballchat.com] stuff like this annoys the hell out of me.

      I mean we go to all the effort to secure passwords, code tc - then our users are infected with ads they view....

      We were sourcing our banner ads from Pubmatic but after a two 'problem ads' about 3 weeks I've cut it back to Google + banners we sell internall direct to end companies.

      I dont have any answers but if you have a problem with a website be sure to let the content owners know - they might not even realise they have a problem.

      Cheers,
      Dean Collins
      http://www.livebaseballchat.com/ [livebaseballchat.com]

      • Re: (Score:3, Interesting)

        by mysidia (191772)

        What's worse, is even Google ads can potentially be infectious links.

        The ads that inject javascript and/or exploit vulnerabilities in Adobe Flash, Acrobat, or Office, when displayed are conceivably worse than ones that lead to a malicious page if you click them.

        The article title could just as easily have been "The next Ad you see may be silently infecting you on sight"

        What really needs to happen is, new advertisers need to get vetted extensively.

        Advertisers should have to upload their banner imager

    • by dziban303 (540095) <dziban303@NoSpaM.gmail.com> on Monday June 15, 2009 @08:06PM (#28342543) Homepage
      People actually click on ads?
      • by John Hasler (414242) on Monday June 15, 2009 @08:13PM (#28342615) Homepage

        Evidently someone does, and I'm grateful.

      • by Jurily (900488)

        I'm sure there's a firefox addon for that. Would go along nicely with adblock.

      • by matt328 (916281)
        People actually see ads?
      • by vaporland (713337)
        people actually SEE ads on the internets? (cough)PRIVOXY(cough)
      • Maybe the "hacked" version of FireFox or IE you downloaded from what you thought was a great download site, does, as it has a built in auto clicker, to generate revenue for the guy that has adsense on his web page, and wants everyone to click on his ads...so he creates a bad version of each, sends it to his friends or family, and watches his revenue grow...although now he indirectly makes other people click on links that lead you to websites, then installs malware.Ooops.

    • by sorak (246725)

      I mean really, its all just semantics (and semiotics) and we're all infected...cookie anyone?

      But the difference is that cookies are only an "infection" in the same way that you grocery store card is an "infection".

  • what ads? (Score:5, Funny)

    by Anonymous Coward on Monday June 15, 2009 @07:37PM (#28342297)

    /strokes adblock

    • You mean virusblock?
    • Because I sure as Hell ain't clicking on any ads, Honey. I blame the virus. I'm going to go dispose of these bad bad magazines right now.

      • by EdIII (1114411) *

        dispose of these bad bad magazines right now

        Depending on what you mean by "bad" and how "bad" these magazines are, I will help you dispose of them. I'll pay for shipping too.

  • by Anonymous Coward on Monday June 15, 2009 @07:37PM (#28342299)
    While the internet is a wonderful thing; I can't help but wonder where did all of the douchebags come from. Every liar, cheat, grifter is taking their shot at fucking up the sandbox we all play in. Its all fun and games when windows users get hosed, but after awhile even that gets old. I am just a tired old man. It makes me sad that my poor view of humanity gets reinforced every time I turn around.
    • by Fastolfe (1470) on Monday June 15, 2009 @08:05PM (#28342531)

      Botnets and financial data have value, so it makes sense that there's profit to be had in finding ways to infect new machines. These are the same douchebags that fill up my gmail Spam folder. If there's profit to be had, and nearly zero chance you'll be caught, people will do pretty much anything. It's human nature. All you can do is improve the sandbox so that people can't (profitably) abuse it, and most of the douchebags will leave.

    • by Sponge Bath (413667) on Monday June 15, 2009 @08:16PM (#28342635)

      I feel your pain. The unfolding truth seems to be that they were always there and humanity really sucks for the most part. The internet just makes it easier to tally the grim statistics.

      • by eriks (31863) on Monday June 15, 2009 @10:41PM (#28343651) Homepage

        Humanity is actually mostly nice, really. It's just that with 7 billion people, even if only .01% are complete assholes, that's almost a million people, and you just know that ALL of those people are on the internet messing with us, and they seem like a billion people thanks to the amplification power of technology.

    • Re: (Score:3, Funny)

      by Korin43 (881732)
      It's the current 'big thing'. Eventually people will realize you don't make much money with spam and they'll go back to robbing banks like civilized people.
    • We allowed them in (Score:5, Interesting)

      by Opportunist (166417) on Monday June 15, 2009 @09:21PM (#28343101)

      You know, back in the good ol' days of yore, when the internet was young and so were we, we created a beautiful garden. We, the geeks, we came together and we built. We created flowerbeds and hacked away the weed so people could find a path through the wilderness, we invited other geeks to join us in our creation so they would maybe build something even greater on top of ours. We looked at it and saw it was stunning and beautiful, and we looked outside for the "others", the "mundanes", the average guy and we thought, wouldn't it be a great idea if they, too, could see how beautiful and magical it all is? Imagine, when we, a handful of geeks, can create such wonders, what miracles are waiting for us to see if we just let others join in the creation?

      Sure, they were no gardeners, so we paved a few ways through our wonderland, lest they got their feet dirty on the muddy paths we used to walk on. And the people came. They came in, and they looked. Few wanted to create, actually, most just enjoyed the view (hey, how many gardening exhibits do you know where you can see exotic plants without having to pay admission?), some tried to plant but soon got fed up when they noticed they'd have to know a bit about gardening.

      And of course, in came also the ones that find pleasure in destruction, who wanted nothing but to destroy the creations. We had to fence them in, we had to hire guards for our creations so they wouldn't get destroyed. Often enough, those guards were not good enough and quite a few beauties are no more.

      Personally, I wonder if it was a good idea to unlock those doors and pave some ways.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        > Personally, I wonder if it was a good idea to unlock those doors and pave some ways.

        It was certainly NOT a good idea. It was, however, inevitable. Not you, not me, not anyone could have stopped it any more than you could have stopped the widespread use of the printing press. In fact, even *less* than you could have stopped that.

        • Re: (Score:3, Funny)

          I am interested in your ideas and would like to subscibe to your newsletter.
        • Really? We created easy access. Do you think Joe Randomuser would have jumped through the hoops that he faced if he wanted to connect 20 years ago? Do you think newsgroups would have attracted the amount of people that flashy webpages do?

      • by Saija (1114681)
        You, Sir, are a poet, hope i could mod you +10 Insigthful and want to see more post like yours, Kudos.
    • by Nerdfest (867930)
      I believe some of those people may also need to be reminded about standing on your lawn. Sad ... the memory is the first thing to go.
    • Re: (Score:3, Insightful)

      Noniterated game.

      Seriously. Reputation is everything. No effect on reputation ==> no morals, at least for many people.

    • Re: (Score:3, Interesting)

      by AnalPerfume (1356177)
      "Every liar, cheat, grifter is taking their shot at fucking up the sandbox we all play in."

      You forgot greedy corporations, they arguably do more damage than the rest put together since they have the power, influence and money to really fuck it up for us mere mortals.
    • by bit01 (644603)

      I can't help but wonder where did all of the douchebags come from.

      It's simple statistics. In any large group of people, and on the internet we're talking billions, even if most people are wonderful it is a statistical certainty that a small fraction will be douchebags. Those douchebags have visibility out of all proportion to their numbers. e.g. The 4 people who were responsible for 3 billion robocalls [consumerist.com].

      In addition, in the real world it's usually obvious when you're dealing with an possibly unsocialized ch

    • by pushf popf (741049) on Monday June 15, 2009 @11:40PM (#28344029)
      Our internet is still there.

      Usenet, telnet, bash, text-based email, html without plugins, privoxy, linux. It's all still there. Leave the Flash ads and latest "screw you" schemes for the "consumers".

      For What It's Worth, I don't know how anybody can stand it. I walked up to a Co-worker's Vista machine running IE and just about had a seizure as the endless barrage of blinking flashing running ads flew about his screen, occupying at least 2/3rds of the real estate. I don't know why the lusers even bother.

      If my machines looked like that, I'd unplug them all and do something useful like cook for a living.
    • Humanity, despite your perception of it, has always been what it is. Its not some entangled state cat in a box. Your observing its flaws did not cause them, nor did your ignoring them prevent their existence. Life is what it is and people are who they are. The question is, what are you going to do about it now that you know something closer to the truth? Stick you head back in the sand? Try to change individuals? Change the system? Fight the Power? Righteous indignation? Legislation?
  • My coworkers and I have been dealing with AntiVirus XP and its variants for the past few months, and it seems to infect computers in exactly this way. Badvertisements. It's hardly a new phenomenon, but it's nice to see the press pick up on it. Better late than never.
  • From TFA:

    Web publishers say they have started limiting the number of companies they outsource their ad selling to and are working with security vendors, such as San Francisco-based ClickFacts, to detect malicious software on their networks and remove it as quickly as possible.

    I'm impressed! The Wall Street Journal talked to every Web publisher and got them to agree to do this. We should send Emily to go negotiate peace in the middle east.

  • So lucky me... (Score:4, Informative)

    by koolfy (1213316) <[koolfy] [at] [gmail.com]> on Monday June 15, 2009 @07:42PM (#28342323) Homepage Journal
    ...having that "Disable Advertising" checkbox from Slashdot :)

    "As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising. "
    Thank you for preventing my Gentoo Linux system for being infec...

    Oh, wait...
    • Hey, if anyone wanted to write a malicious script for Linux, where else would they go?

      Damn, we should feel so proud of ourselves.

  • Welcome to 1990 when Al Gore invented the intertubes.
  • yes, but... (Score:3, Insightful)

    by owlnation (858981) on Monday June 15, 2009 @07:44PM (#28342353)
    ... who clicks ads? (other than for click fraud purposes)
    • by Krneki (1192201) on Monday June 15, 2009 @09:15PM (#28343077)
      Internet Explorer does. Internet Explorer is so awesome, you don't even need to click on an add to get infected. It's will do all automatically for you, there is this new wonderful M$ caching feature that keep clicking the whole Internet for you. Join the botnet close to your home now, all free today thanks to IE9! Remember, iexplore.exe will be always there for you.
  • Or it may win you ... A NEW CAR.

    Are you prepared to take that risk?

    Hmm ... that's not appearing like it should. It's spelt B-L-I-N-K, right?

    • Re: (Score:3, Funny)

      by cyberfunkr (591238)

      Oblig Family Guy:

      Peter: A BOAT'S A BOAT, but the mystery box could be anything. IT COULD EVEN BE A BOAT. You know how much we wanted one of those.

  • Creative? Huh? (Score:3, Insightful)

    by pestie (141370) on Monday June 15, 2009 @07:48PM (#28342393) Homepage

    Another company's "creative?" What the hell does that mean? Is it some industry term for "crappy banner ad?"

    • Re: (Score:3, Informative)

      by nvrrobx (71970)
      Your answer, courtesy of Wikipedia:

      Creative (noun, in advertising), referring to materials, imagery, or collateral prescriptively produced through creativity and the creative process

      This is not specific to banner ads. This term is used in all forms of advertising.
    • by dbIII (701233)
      It means the submitter lurnt how to wread under Raygun.
      No child left behind and ebonics for all!
  • Very simple asnwer (Score:3, Informative)

    by Archfeld (6757) * <treboreel@live.com> on Monday June 15, 2009 @08:01PM (#28342493) Journal

    NEVER, NEVER, NEVER, I REPEAT NEVER EVER click an ad banner. If you see somthing you REALLY want to view get the source and go there in another browser window, but clicking thru an ad banner is somthing I can't ever remember doing in the entire time I've been on the net...

  • And this is why... (Score:2, Insightful)

    by FunPika (1551249)
    We have a little something called Ad Block Plus.
  • Not News To Me (Score:3, Insightful)

    by GearheadX (414240) on Monday June 15, 2009 @08:10PM (#28342583)

    I've been cleaning crap off of computers installed by ad popups for the past year now.

  • It's worse than that (Score:5, Interesting)

    by Erik Fish (106896) on Monday June 15, 2009 @08:35PM (#28342773) Journal

    Not clicking on banner ads isn't enough. For years I've been fine with letting any non-Flash banner ad through, but I a few months ago I finally installed Adblock after finding one too many PDF exploits being loaded through banner ad display code.

    It works like this: You are minding your own business browsing some perfectly legitimate web site when suddenly you get a dialog box asking if you would like to execute the JavaScript in "this PDF document". There's no PDF in sight, no other windows, nothing else suspicious.

    Oh, but you only get this dialog if you have JavaScript disabled in Acrobat (most people don't).

    • by shermo (1284310)

      I'd like to tag this comment 'foxit'.

      In all seriousness though, wouldn't not having acrobat solve this particular problem? Or are you just suggesting that it's a sign of the increasing number of possible attack vectors?

    • by TubeSteak (669689)

      It works like this: You are minding your own business browsing some perfectly legitimate web site when suddenly you get a dialog box asking if you would like to execute the JavaScript in "this PDF document". There's no PDF in sight, no other windows, nothing else suspicious.

      Oh, but you only get this dialog if you have JavaScript disabled in Acrobat (most people don't).

      I experienced just the opposite...
      I kept seeing those dialogs until i disabled javascript in Acrobat.
      Maybe you should go back and check to see if its disabled on your computer.

      I also complained to the sit owner, but I couldn't say if its been fixed, since I don't see the dialog anymore.

  • Since I installed AdBlock Plus (for purposes of lowing annoyance level), I've noticed as a very pleasant side effect that my malware infection level has dropped tremendously.
    Barely need to run AdAware & SpyBot & co any more, and when I do [even when their definitions are fully updated], there's barely anything for them to find

    • Interesting. You actually get infections to clean up, and not just one here and there, but to the point you can talk about "malware infection level" as if it's routine?

      There's apparently millions like you, so you're not alone by far, and I'm glad that you're so honest about it, on a tech site where a lot of users (including me) either have never had an infection or wouldn't admit to it if they had, but wow, you're perhaps the first poster I've seen, certainly the first /. poster I've seen, that treats it a

  • It's anything but news. And I'm not even talking about shady scareware or "come to the page and you already signed an abo for 2 years and 160 bucks" scams.

    Drive-by infection ad pages have appeared in noticable amounts about 2-3 years ago when iframe infections became en vogue. They were (and are) even actually quite professional, not just a copy of another company's page, they appear legit, but usually sell crap no person would actually want to buy (either overpriced or obviously bogus). But that's not the

  • by Animats (122034) on Monday June 15, 2009 @09:42PM (#28343263) Homepage

    This is a good reason to block all ad sites at your corporate firewall. You'll probably cut your Internet bandwidth usage in half, too.

  • To be honest, "fake" ads dragging you to a hateful, malware-spewing website is rather tame. The real fun was the banner ads that infected you directly, simply by viewing the flash.

    *Sigh*
    Just another reason to use adblock and noscript.

  • So say someone clicks an ad at a reputable site to support them, which is actually malware which does 'software' damage(lost productivity, loss of PC uptime, etc) to a users PC by injecting something. Who becomes responsible? The end user? The content provider? Ad provider? Guy making the malware? Everyone? Last 3 people in the chain?

    Answers to this? I realize those of us in the /. crowd are technically inclined, but the average person isn't. I really do start to expect heads to start rolling over

  • That's what you get for clicking on ads. If I see something interesting I type the name of the company myself.
  • All the more reason to use things like Adblock Plus, FLashblock, and NoScript (if you're using Firefox that is). I haven't seen an ad on my home or work computers in months.
  • I haven't even seen an ad in years...what am I going to click on that's not there?
    (Firefox-since 0.8ver.-before it was called Firefox, Adblock [plus], noscript, and flashblock)

    Does this advirus run on Linux?
    (kubuntu 5.04 thru 9.04-presently)

  • In case you did not know it: Average click-rates of ads on the Internet are even below the number of random clicks that people do in error. I know, because I worked at a large company, and my colleagues studied exactly that.
    0.1% click rate is something, that ad companies will open bottles of champagne about. Usually it's much less.
    Which can mean both, that ad-blockers are used more and more, and that people subconsciously click less on ads, even when they did not want to click there.
    In my eyes, all ad click

  • The name is Lacoste, due to the fact it was founded by legendary tennis player René Lacoste.
    Hardly surprising coming from a nation who think McDonalds is a restaurant instead of a burger bar.
  • Well it sure is a good thing Slashdot just let me disable their ads!

    What timing, I tell ya...

Luck, that's when preparation and opportunity meet. -- P.E. Trudeau

Working...