back to article Rogue ads infiltrate Expedia and Rhapsody

This story was corrected throughout to name as one of two sites found by Trend Micro and Sandi Hardmeier to be serving malicious banner ads. While has been found in the past to also host attack ads, there are no recent reports it has done so recently. and are the latest name-brand …


This topic is closed for new posts.
  1. Morely Dotes

    Ways and Means of Protection

    "If you've got a good suggestion for ways users of other browsers can protect themselves, please leave a comment"

    1. Don't use Internet Explorer on the Internet. Seriously. Microsoft has integrated it into the OS, so if IE is compromised, your compute is compromised.

    2. Go to, search for "hosts" and install the hosts file provided by MVPS. It won't stop your browser from running scripts, but it *will* stop your computer from accessing thousands of known malicious Web sites.

    3. Boycott any site that permits shockwave or flash advertising banners. That's simply irresponsible site management.

  2. Tim

    Install Firefox with Adblock plugin

    Installing the hosts file will help quite a bit, but to be safe, install Firefox and the Adblock plugin

  3. Will Godfrey Silver badge


    All the people on here have either already been hit with the cluestick, or are the ones wielding it.

  4. Anonymous Coward

    boycott what eh?

    "3. Boycott any site that permits shockwave or flash advertising banners. That's simply irresponsible site management."

    You're suggesting we boycott ELReg then. OK so those are The Register's own ads for that symposium thing, but they are flash.

  5. Anonymous Coward

    Re: Ways and Means of Protection

    Regarding your third point, from memory El Reg servers up said Flash banners (I've been using AdBlockerPlus for some time now....).

    Practice as you preach? ;-)

  6. Anonymous Coward


    1) Your an arsehole if you run any AV program, much less installed from an advert on a website. AV is dead technology, and they can't keep up with the tide of new malware.

    2) Disabling flash is a valid alternative. Flash was always crap used mostly for adverts.

    3) F*ck adblock. Just edit your hosts file to block * and * and you will removed 99% of ads from IE or Firefox.

  7. Pete

    let me see

    I got one of these today actually. it served up a very convincing dialog box that look just like any other Windows XP dialog, telling me that to view content on the site I need to download and run setup.exe


    This dialog box looked nothing like the standard dialog boxes Mandriva Linux produces, so I could immediately see it was fake, and even if I had tried to run the program, I doubt it would have infected me.

    When I am forced to use Windows XP I turn off the fancy graphics, luddite that I am, so even using windows I would have noticed the difference.

    Obviously apart from the fact I would not have been so stupid to install something from a popup anyway, there are huge advantages to running an OS that is not Windows.

    I know, cliche linux fanboy post, but it did have to be said.

  8. TrishaD

    @Brent Gardner

    'Your an arsehole if you run any AV program, much less installed from an advert on a website. AV is dead technology, and they can't keep up with the tide of new malware'

    So major corporations with access to the internet ALL spend a great deal of money each year on nothing at all?

    Sorry - but this is an entirely unhelpful comment fairly typical of the 'I'm a smart technician and anyone non-technical is an utter cretin' sort of mentality that blights these comments pages...

    If I buy a car I have no expectation that I should have to do anything more arduous than fill it up with gas and take it for a service every six months or so. The internet is not some propellor heads' playground, its a tool used by millions of non-technical people every day to go about their business and have fun.

    Telling them NOT to buy AV products is really not helpful....

  9. robert


    although its commercial software Admuncher is really good. Parses all the html before it gets displayed and removes all banners, adverts, popups etc etc a lot better than adblock, and also removes ads from messenger etc.

    Think it cost me about a tenner, had it since 2002 and best bit of software ive bought in a while. I signed up for theyre partnership thing too.

  10. A J Stiles

    Advert Blocking

    Frankly, I'm surprised that broadband resellers are not offering advert-blocking as a premium service. For an extra tenner or so a month, you would get all known advertisement-farm servers blocked by a transparent proxy server; and access to a page where you can upload the URLs of sites still displaying adverts despite the ISP's best efforts (this probably would require human intervention; but so does staffing a help desk, and the rôles could be combined: when not answering the phone, help desk personnel can be checking out advert servers).


    "So major corporations with access to the internet ALL spend a great deal of money each year on nothing at all?" -- YES. They are paying for Windows, for crying out loud, when there are superior alternatives available for the taking. Anti-virus software only exists at all because of the way Windows works. Windows never used to have such a thing as privilege separation; so historically, programmers have assumed and expected that every user would be privileged. This causes a lot of legacy applications to break if run as a non-privileged user. And the idea that nobody else is ever going to see the Source Code has led to some incredibly sloppy programming (_vide_ 1.x for a particularly egregious example of this).

    Windows apologists will gleefully rush in here to point out that there are threats against which unix-style privilege separation or access to Source Code won't protect you. To which I can only say: That is true, but neither will anti-virus software, so what's your point again?

  11. Anonymous Coward
    Anonymous Coward

    Getting the ads taken down

    Now I've visited one particular, reasonably well-known and reputatable, site in the past year which has several times tried to force WinFixer (dubiousware) on me. I have not yet been able to be taken seriously by the site owners when I report it. They just tell me I must be mistaken. Theirs was the only site affected, and the spurious error could even be (mostly) reproduced by clearing cache and revisting them a few times.

    If sites running bad ads won't heed warnings from well-meaning site visitors, these things will remain visible for longer.

    PS. I have about 8 entries in my hosts file which block 90% of all ads I find annoying. How anyone can actually read an article without being distracted by the aeroplane or rocket flying past in the adjacent ad, I don't know. I can't block the Flash/ads at work, but have pestered our IT folks about it.

  12. TrishaD

    @ A J Styles

    My point is that the majority of large organisations who deploy AV dont suffer from virus attacks.

    The same way that the vast majority of home Windows users who deploy AV dont suffer from virus attacks.

    Yes, AV is reactive. But saying that it doesnt work is crass. In my opinion, of course.....

  13. Anonymous Coward

    mainstream destinations that include [ ... ] Blick

    "Blick"? Never heard of it. Is that some kind of South African website?

    Yes, I'll get my coat. Sorry to be such a boer.

This topic is closed for new posts.

Other stories you might like