The Next Ad You Click May Be a Virus 226
Jay notes a Wall Street Journal report about ad networks unintentionally selling empty space to malware loaders (the link is to a syndicating site that doesn't require a subscription to view). The submitter comments: "The labeling of the fake ad sellers as hackers is pretty bogus; there's no hacking involved. Simply sign up for one of these networks, create your fake site, put up another company's creative, and you're good to go." The incidents being reported go back a few months, but the pattern of this criminal activity seems to be coming clear only recently."EWeek.com, a technology news site owned by Ziff Davis Enterprise, in February displayed an ad on its homepage masquerading as a promotion for LaCoste, the shirt maker. The retailer hadn't placed the ad — a hacker had, to direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
Aren't they all? (Score:4, Insightful)
Re:Aren't they all? (Score:5, Informative)
As a content provider (I'm the founder of http://www.livebaseballchat.com/ [livebaseballchat.com] stuff like this annoys the hell out of me.
I mean we go to all the effort to secure passwords, code tc - then our users are infected with ads they view....
We were sourcing our banner ads from Pubmatic but after a two 'problem ads' about 3 weeks I've cut it back to Google + banners we sell internall direct to end companies.
I dont have any answers but if you have a problem with a website be sure to let the content owners know - they might not even realise they have a problem.
Cheers,
Dean Collins
http://www.livebaseballchat.com/ [livebaseballchat.com]
Re: (Score:3, Interesting)
What's worse, is even Google ads can potentially be infectious links.
The ads that inject javascript and/or exploit vulnerabilities in Adobe Flash, Acrobat, or Office, when displayed are conceivably worse than ones that lead to a malicious page if you click them.
The article title could just as easily have been "The next Ad you see may be silently infecting you on sight"
What really needs to happen is, new advertisers need to get vetted extensively.
Advertisers should have to upload their banner imager
Re:Aren't they all? (Score:4, Insightful)
Re:Aren't they all? (Score:4, Insightful)
Evidently someone does, and I'm grateful.
Re: (Score:2)
I'm sure there's a firefox addon for that. Would go along nicely with adblock.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Maybe the "hacked" version of FireFox or IE you downloaded from what you thought was a great download site, does, as it has a built in auto clicker, to generate revenue for the guy that has adsense on his web page, and wants everyone to click on his ads...so he creates a bad version of each, sends it to his friends or family, and watches his revenue grow...although now he indirectly makes other people click on links that lead you to websites, then installs malware.Ooops.
Re: (Score:2)
I mean really, its all just semantics (and semiotics) and we're all infected...cookie anyone?
But the difference is that cookies are only an "infection" in the same way that you grocery store card is an "infection".
Re: (Score:3, Funny)
what ads? (Score:5, Funny)
/strokes adblock
Re: (Score:2)
It will HAVE to have been a virus! (Score:2)
Because I sure as Hell ain't clicking on any ads, Honey. I blame the virus. I'm going to go dispose of these bad bad magazines right now.
Re: (Score:2)
Depending on what you mean by "bad" and how "bad" these magazines are, I will help you dispose of them. I'll pay for shipping too.
Re: (Score:3, Insightful)
And when all the good sites on the internet have disappeared, the people who made them will be back on business on pay sites taking subscriptions.
Better to just get paid directly for quality content, than splitting it with a whole mountain of third parties.
Oh wait, the content isn't so great that people will pay for it? Bummer.
Re: (Score:3, Insightful)
Well, there's content that you want to read but wouldn't want to pay for. It's something "nice to have", but you wouldn't spit out dough for it.
All those "nice to have" pages would vanish if it weren't for ads.
Re: (Score:2, Troll)
All those "nice to have" pages would vanish if it weren't for ads.
If you can't support your website with only ads that don't try to grab my attention any possible way they can, don't blame me for using adblock. I have stuff to do, and my attention is valuable enough, especially when I'm looking for the content you want me to look for.
Re:what ads? (Score:5, Funny)
No hope for the Web, I guess. Even if I didn't block the ads I'd never click them, and even if I clicked them I'd never buy the products. The Web is going to collapse and it's all my fault. Sob.
Re: (Score:2)
Hush, dammit! As long as the marketingweenies believe it works we got free pages, now shut up! :)
Re: (Score:2)
All those "nice to have" pages would vanish if it weren't for ads.
Facebook and Twitter go to the shitter!
Re: (Score:3, Funny)
Ok, ok, there'd be some beneficial effects to it, but overall I think we'd lose more than we gain.
Comment removed (Score:5, Insightful)
Re:what ads? (Score:4, Insightful)
And in return adblock and noscript is what keeps these pages in existance.
If you did see those full page flash ads, and you had no chance to block them, would you still visit the page? Or would it not be worth the annoyance and you'd just turn away in disgust? Using adblock and noscript keeps their impressions up and thus keeps the pagemasters from learning that annoying the living hell out of your visitors isn't how you attract people.
Re:what ads? (Score:5, Insightful)
If you did see those full page flash ads, and you had no chance to block them, would you still visit the page? Or would it not be worth the annoyance and you'd just turn away in disgust? Using adblock and noscript keeps their impressions up and thus keeps the pagemasters from learning that annoying the living hell out of your visitors isn't how you attract people.
People don't care. I find internet ads to be just as annoying as television ads, but most people keep using both without blocking them. Most of the time, when I use someone else's computer, they have no ad-blocking software at all. It's not just lack of knowledge. I just asked my sister if she wanted to block online ads. She said "It's fine. I don't want to mess with it. I really don't care at all." Ads are everywhere in our culture, and most people don't give a damn.
Re: (Score:2)
Hmmm...that's odd...my sister demands that I install host block [mvps.org] on any computer I set up for her.
Odd indeed.
Re:what ads? (Score:4, Informative)
Re: (Score:2)
Dear God, that hosts file is one of the best kept secrets isn't it?
Truly effective at stopping shit dead in it's tracks. It's useful to point out, that it is not just web browsers either. It's EVERYTHING. Unless your program is written to somehow work without using the communications stack in Windows, it will have to go through the hosts file.
There is only one major drawback that makes it hard to use to it's full potential.
1) No wild cards.
Re: (Score:2)
Re: (Score:3, Interesting)
So I guess this was the case, back in the day. I remember those days, even though I was a wee one. But after installing a new system from scratch, customizing Firefox is one of the many arduous tasks that must be done (sure, it's as easy as just copying your ~/, but it still has to be done).
So I said forget it and just went along my way without doing it once and a couple months later, I still haven't installed it. Times have changed - now the only ads that I see are nothing like the ones of old. And you kno
Re: (Score:3, Insightful)
I have a pretty simple setup. I block all Flash, but otherwise allow ads. I don't block Flash because I want to block Flash ads, I block it because it's almost always annoying and pointless and crashing my computer or slowing it down, regardless of whether it is an ad or not. The fact that Flash ads are blocked is collateral damage.
And I've found that I don't mind most non-Flash ads. I barely ever click on any (save for Google search results), but I don't mind them 99% of the time. And if I do mind them, I
Re: (Score:2)
the "shoot the monkey and win a ---" ads.
You mean, I could really win three hyphens?! Where do I click?
Re: (Score:2)
The original punch the monkey ad was a Java applet. Flash wasn't so popular in those days.
Re: (Score:2)
No, it will be your fault for making an unsustainable website.
Re: (Score:2, Insightful)
When will this end? (Score:5, Insightful)
Re:When will this end? (Score:5, Insightful)
Botnets and financial data have value, so it makes sense that there's profit to be had in finding ways to infect new machines. These are the same douchebags that fill up my gmail Spam folder. If there's profit to be had, and nearly zero chance you'll be caught, people will do pretty much anything. It's human nature. All you can do is improve the sandbox so that people can't (profitably) abuse it, and most of the douchebags will leave.
Re:When will this end? (Score:5, Insightful)
I feel your pain. The unfolding truth seems to be that they were always there and humanity really sucks for the most part. The internet just makes it easier to tally the grim statistics.
Re:When will this end? (Score:5, Insightful)
Humanity is actually mostly nice, really. It's just that with 7 billion people, even if only .01% are complete assholes, that's almost a million people, and you just know that ALL of those people are on the internet messing with us, and they seem like a billion people thanks to the amplification power of technology.
Re: (Score:3, Funny)
We allowed them in (Score:5, Interesting)
You know, back in the good ol' days of yore, when the internet was young and so were we, we created a beautiful garden. We, the geeks, we came together and we built. We created flowerbeds and hacked away the weed so people could find a path through the wilderness, we invited other geeks to join us in our creation so they would maybe build something even greater on top of ours. We looked at it and saw it was stunning and beautiful, and we looked outside for the "others", the "mundanes", the average guy and we thought, wouldn't it be a great idea if they, too, could see how beautiful and magical it all is? Imagine, when we, a handful of geeks, can create such wonders, what miracles are waiting for us to see if we just let others join in the creation?
Sure, they were no gardeners, so we paved a few ways through our wonderland, lest they got their feet dirty on the muddy paths we used to walk on. And the people came. They came in, and they looked. Few wanted to create, actually, most just enjoyed the view (hey, how many gardening exhibits do you know where you can see exotic plants without having to pay admission?), some tried to plant but soon got fed up when they noticed they'd have to know a bit about gardening.
And of course, in came also the ones that find pleasure in destruction, who wanted nothing but to destroy the creations. We had to fence them in, we had to hire guards for our creations so they wouldn't get destroyed. Often enough, those guards were not good enough and quite a few beauties are no more.
Personally, I wonder if it was a good idea to unlock those doors and pave some ways.
Re: (Score:3, Insightful)
> Personally, I wonder if it was a good idea to unlock those doors and pave some ways.
It was certainly NOT a good idea. It was, however, inevitable. Not you, not me, not anyone could have stopped it any more than you could have stopped the widespread use of the printing press. In fact, even *less* than you could have stopped that.
Re: (Score:3, Funny)
Re: (Score:2)
Really? We created easy access. Do you think Joe Randomuser would have jumped through the hoops that he faced if he wanted to connect 20 years ago? Do you think newsgroups would have attracted the amount of people that flashy webpages do?
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Insightful)
Noniterated game.
Seriously. Reputation is everything. No effect on reputation ==> no morals, at least for many people.
Re: (Score:3, Interesting)
You forgot greedy corporations, they arguably do more damage than the rest put together since they have the power, influence and money to really fuck it up for us mere mortals.
Re: (Score:2)
I can't help but wonder where did all of the douchebags come from.
It's simple statistics. In any large group of people, and on the internet we're talking billions, even if most people are wonderful it is a statistical certainty that a small fraction will be douchebags. Those douchebags have visibility out of all proportion to their numbers. e.g. The 4 people who were responsible for 3 billion robocalls [consumerist.com].
In addition, in the real world it's usually obvious when you're dealing with an possibly unsocialized ch
Re:When will this end? (Score:4, Interesting)
Usenet, telnet, bash, text-based email, html without plugins, privoxy, linux. It's all still there. Leave the Flash ads and latest "screw you" schemes for the "consumers".
For What It's Worth, I don't know how anybody can stand it. I walked up to a Co-worker's Vista machine running IE and just about had a seizure as the endless barrage of blinking flashing running ads flew about his screen, occupying at least 2/3rds of the real estate. I don't know why the lusers even bother.
If my machines looked like that, I'd unplug them all and do something useful like cook for a living.
Re: (Score:2)
I have all the usenet I can handle for a few bucks/month. Linux has apps that are more functional and "less warm and fuzzy" than the boatload of crap that ships with any recent w
Re: (Score:2)
Re: (Score:2)
OK, so next week, all Microsoft OSes are made illegal, and users have just thirty days to switch to another. What's your pleasure - Mac or Linux?
So everyone has changed to one or the other. Wanna take a bet how long it will take for viruses and exploits to start showing up in large quantities?
Re: (Score:3, Interesting)
Apple have a small number of setups that a malware writer can rely being there to target, Apple also like to keep any security (and anything else for that matter) issues secret until they have a fix, so there's potential for exploitation there. Many of their users are also of the mindset that they are different from "
Re: (Score:2)
You know - your (insert non-tech relative name here) would open an attachment, download a free app, visit a malicious website - something that some clever criminal would use to lure them to defeat the security. Or worse, with a prevalence of *nix OSes in use, actually break the system.
An old cliche might be applicable here - why do we climb mountains? Because they're there. Ha
Re: (Score:2)
Linux does have good user / admin separation so malicious stuff run as a user won't be allowed to execute admin functions, which does limit it's potential for harm. That won
Re: (Score:2)
In that hypothetical situation I'd agree that malware writers would all suddenly focus their efforts towards Apple and Linux, but the success rate would be limited. Both are built to be secure.
No more so than Windows.
Linux is by far a small and very fast moving target to hit. Each Linux distro has a different choice of software installed by default, slightly modified versions of software in their repositories and an army of people looking over the code before it reaches the end user. I see the most like
Re: (Score:3, Insightful)
Why would anyone write a virus that cannot effect 90% of potential targets.
Think about it. If you used an OS in that 10%, you would never suspect you had a virus on your system, would never bother to look for one. Meanwhile that keylogger, malware, whatever, will continue to work without you ever finding it.
Re: (Score:3, Informative)
Windows has a lot less than 90% of the server market, yet it is still the platform virus writers target most.
Re: (Score:2)
Bullshit. You're trying to say that half the webservers on the net (which run Unix; twice as many as run Windows, fyi), and could be jumping-off points for all sorts of attacks, or nodes in distributed attacks, are of no interest to virus writers? Not a chance.
Re: (Score:3, Insightful)
http://news.bbc.co.uk/1/hi/technology/8096822.stm
The answer for this is for both Mac and Linux users to unite behind open standards in protocols and formats, and in Apple's case, demand Apple install them on their stuff. Anytime a user (on any OS) has to install a plugin to see a piece of content on a website, they are potentially vulnerable to installing a fake or infected player. If players are pre-installed, the content shows with no need to insta
About time someone made a report on this. (Score:2, Interesting)
There's, What, Three Web Publishers, Right? (Score:2)
Web publishers say they have started limiting the number of companies they outsource their ad selling to and are working with security vendors, such as San Francisco-based ClickFacts, to detect malicious software on their networks and remove it as quickly as possible.
I'm impressed! The Wall Street Journal talked to every Web publisher and got them to agree to do this. We should send Emily to go negotiate peace in the middle east.
Re: (Score:2)
At least two publishers.
Or, given how English works, technically zero works as well.
So lucky me... (Score:4, Informative)
"As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising. "
Thank you for preventing my Gentoo Linux system for being infec...
Oh, wait...
Re: (Score:2)
Hey, if anyone wanted to write a malicious script for Linux, where else would they go?
Damn, we should feel so proud of ourselves.
Duh. (Score:2)
yes, but... (Score:3, Insightful)
Re:yes, but... (Score:4, Funny)
The Next Ad You Click May Be a Virus (Score:5, Funny)
Or it may win you ... A NEW CAR.
Are you prepared to take that risk?
Hmm ... that's not appearing like it should. It's spelt B-L-I-N-K, right?
Re: (Score:3, Funny)
Oblig Family Guy:
Peter: A BOAT'S A BOAT, but the mystery box could be anything. IT COULD EVEN BE A BOAT. You know how much we wanted one of those.
Creative? Huh? (Score:3, Insightful)
Another company's "creative?" What the hell does that mean? Is it some industry term for "crappy banner ad?"
Re: (Score:3, Informative)
Creative (noun, in advertising), referring to materials, imagery, or collateral prescriptively produced through creativity and the creative process
This is not specific to banner ads. This term is used in all forms of advertising.
Marketroid wordsmithing is epic meh (Score:2)
This term is used in all forms of advertising.
Why am I not surprised that this word is invented by a marketroid?
Re: (Score:2)
No child left behind and ebonics for all!
Very simple asnwer (Score:3, Informative)
NEVER, NEVER, NEVER, I REPEAT NEVER EVER click an ad banner. If you see somthing you REALLY want to view get the source and go there in another browser window, but clicking thru an ad banner is somthing I can't ever remember doing in the entire time I've been on the net...
And this is why... (Score:2, Insightful)
Re: (Score:2)
And that is why many informed users don't use Chrome, Safari, or IE.
Not News To Me (Score:3, Insightful)
I've been cleaning crap off of computers installed by ad popups for the past year now.
It's worse than that (Score:5, Interesting)
Not clicking on banner ads isn't enough. For years I've been fine with letting any non-Flash banner ad through, but I a few months ago I finally installed Adblock after finding one too many PDF exploits being loaded through banner ad display code.
It works like this: You are minding your own business browsing some perfectly legitimate web site when suddenly you get a dialog box asking if you would like to execute the JavaScript in "this PDF document". There's no PDF in sight, no other windows, nothing else suspicious.
Oh, but you only get this dialog if you have JavaScript disabled in Acrobat (most people don't).
Re: (Score:2)
I'd like to tag this comment 'foxit'.
In all seriousness though, wouldn't not having acrobat solve this particular problem? Or are you just suggesting that it's a sign of the increasing number of possible attack vectors?
Re: (Score:2)
It works like this: You are minding your own business browsing some perfectly legitimate web site when suddenly you get a dialog box asking if you would like to execute the JavaScript in "this PDF document". There's no PDF in sight, no other windows, nothing else suspicious.
Oh, but you only get this dialog if you have JavaScript disabled in Acrobat (most people don't).
I experienced just the opposite...
I kept seeing those dialogs until i disabled javascript in Acrobat.
Maybe you should go back and check to see if its disabled on your computer.
I also complained to the sit owner, but I couldn't say if its been fixed, since I don't see the dialog anymore.
Not surprised (Score:2)
Since I installed AdBlock Plus (for purposes of lowing annoyance level), I've noticed as a very pleasant side effect that my malware infection level has dropped tremendously.
Barely need to run AdAware & SpyBot & co any more, and when I do [even when their definitions are fully updated], there's barely anything for them to find
Re: (Score:2)
Interesting. You actually get infections to clean up, and not just one here and there, but to the point you can talk about "malware infection level" as if it's routine?
There's apparently millions like you, so you're not alone by far, and I'm glad that you're so honest about it, on a tech site where a lot of users (including me) either have never had an infection or wouldn't admit to it if they had, but wow, you're perhaps the first poster I've seen, certainly the first /. poster I've seen, that treats it a
Where's the news? (Score:2)
It's anything but news. And I'm not even talking about shady scareware or "come to the page and you already signed an abo for 2 years and 160 bucks" scams.
Drive-by infection ad pages have appeared in noticable amounts about 2-3 years ago when iframe infections became en vogue. They were (and are) even actually quite professional, not just a copy of another company's page, they appear legit, but usually sell crap no person would actually want to buy (either overpriced or obviously bogus). But that's not the
Good reason to block ads at the corporate firewall (Score:3, Interesting)
This is a good reason to block all ad sites at your corporate firewall. You'll probably cut your Internet bandwidth usage in half, too.
... And this is news how? (Score:2)
To be honest, "fake" ads dragging you to a hateful, malware-spewing website is rather tame. The real fun was the banner ads that infected you directly, simply by viewing the flash.
*Sigh*
Just another reason to use adblock and noscript.
Gotta ask a question... (Score:2)
So say someone clicks an ad at a reputable site to support them, which is actually malware which does 'software' damage(lost productivity, loss of PC uptime, etc) to a users PC by injecting something. Who becomes responsible? The end user? The content provider? Ad provider? Guy making the malware? Everyone? Last 3 people in the chain?
Answers to this? I realize those of us in the /. crowd are technically inclined, but the average person isn't. I really do start to expect heads to start rolling over
Well... (Score:2)
What ads? (Score:2)
Not bloody likely! (Score:2)
I haven't even seen an ad in years...what am I going to click on that's not there?
(Firefox-since 0.8ver.-before it was called Firefox, Adblock [plus], noscript, and flashblock)
Does this advirus run on Linux?
(kubuntu 5.04 thru 9.04-presently)
What last ad? (Score:2)
In case you did not know it: Average click-rates of ads on the Internet are even below the number of random clicks that people do in error. I know, because I worked at a large company, and my colleagues studied exactly that.
0.1% click rate is something, that ad companies will open bottles of champagne about. Usually it's much less.
Which can mean both, that ad-blockers are used more and more, and that people subconsciously click less on ads, even when they did not want to click there.
In my eyes, all ad click
Not LaCoste (Score:2)
Hardly surprising coming from a nation who think McDonalds is a restaurant instead of a burger bar.
Whew! (Score:2)
What timing, I tell ya...
Re:A virus? How? (Score:4, Funny)
Ads link to malware sites?!? YAWN!
That was quite a loud yawn.
Re:PC huh? (Score:4, Insightful)
"direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
Do these affect Linux or Apple PC's? I'm guessing it's the good old Windows .exe and .dll again, an exclusive Windows issue disguised as a "PC" issue.
"direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
Do these affect Linux or Apple PC's? I'm guessing it's the good old Windows .exe and .dll again, an exclusive Windows issue disguised as a "PC" issue.
Yes, this is a "PC" issue, more specifically it is a "moron PC user" issue. Trust me, if the Linux and Mac marketshare were actually worth targeting for malware writers, you would see the very same kind of malware attacks succeed, because if the user clicks "Yes" to all prompts, what's there to prevent the malware from doing it's thing if it's actually designed to run on Linux.
Re: (Score:3, Insightful)
If you're an idiot, you're vulnerable no matter what OS you're running.
Whether the site is offering you freeporn.exe or freeporn.sh doesn't matter so long as the user runs it.
Sure, on a secure multi-user system you probably can't screw up everyone else's stuff like you can on Windows but setting a botnet daemon or a keylogger to run on user login is easy.
Re: (Score:2)
One difference is that in Windows (pre-Vista or probably Vista with UAC turned off), you don't even have to give a password to run nakedbritteny.exe. nakedbritteny.sh or nakedbrittany.dmg do require a password, which means some of the less stupid won't run it.
Re: (Score:2)
"direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
Do these affect Linux or Apple PC's? I'm guessing it's the good old Windows .exe and .dll again, an exclusive Windows issue disguised as a "PC" issue.
Why is it that areas where Microsoft want to portray a large market share (either exaggerated by reports from shills or real) they have the words Microsoft and Windows all over the stories, yet when it's something they have an almost 100% market share on (malware compatibility and vulnerability), there's no mention of either Microsoft or Windows; it's all just PCs.
FAO the Microsoft Astroturfers, it was a rhetorical question but feel free to do your job and mod me down for pointing out the obvious. Wait, Ziff Davis does ring a familiar bell, hmmmmm.
As far as I can tell it's an exclusively non-adblock user issue.
Re: (Score:2)
Yes. The same ones who get suckered by spam.