back to article 'Malvertizement' epidemic visits house of is one of several high-profile websites suspected of running rogue banner advertisements that try to trick visitors into installing fraudulent anti-malware programs, security researchers warn. The malicious ads have been appearing on Newsweek's website via feeds that carry the address, according …


This topic is closed for new posts.
  1. David Barr

    Fine needed

    The Police have a duty to prosecute

    If I go to McDonalds and it turns out their supplier's supplier that was at fault for the glass in my burger then it's McDonalds that would be the ones paying me (before) court.

    Likewise if my personal details were passed to fraudsters because the subcontractor's outsourced data center of the insurance company that my bank use to underwrite an insurance policy was dodgy, then it would the bank that was at fault.

    Where a crime has affected many people by a small amount - in other words it's not reasonable for a single individual to press charges - then I believe the Police have a duty to act.

    If no action is taken then it's a signal to businesses dependant on ad revenue that they do not need to take reasonable care to check their adverts, or at the very least ensure they have procedures and policies which are appropriate for the agencies that they use to supply ads.

  2. Jack Harrer


    Haven't seen any of those. Adblock plus anybody?

    BTW: it's hilarious when you see banner claiming that computer is infected - when you run Linux, and banner looks like Win window ;)

  3. Colin Wilson

    @ David Barr

    so where you receive an unsolicited premium rate text, you think the police will bother their arse to prosecute ?

    That's theft on a massive scale, all supported and universally ignored by all but one mobile company that allows you to opt out of premium rate texts.

    Sure, it's only £1.50 a time, but a couple of them per mobile, times 50,000 random numbers...

  4. Jodo Kast

    Use a Hosts file

    Use a hosts file to block this type of garbage.

    You know you are blocking properly when Newsweek's CSS does not load.

    Where did they find their web developers?

  5. David Barr

    @Colin Wilson

    No I'm pretty sure they won't. However I think they should.

  6. Anonymous Coward

    My father picked up Antivirus XP 2008 from Multi-map.

    He's not sure which banner he accidentally clicked, but be warned. It took hours to sort out.

  7. Anonymous Coward
    Anonymous Coward

    Phorm - wEBwISE

    You ain't seen nothing yet!

  8. yeah, right.

    @Wilson, Barr

    Apart from a new noteworthy cases, the coppers are too busy arresting photographers and shooting innocent techs to be bothered with actually finding and arresting those committing crimes. Even if they did bust their arses to find and arrest these people, the CPS (or the American equivalent) would just refuse to prosecute, preferring instead to spend court time on that evil tv tax evader.

    So don't expect any help from the "Justice" system. Need to find some way to use the so-called "anti-terrorism" laws (available in a western country near you) against them. THEN we'll see some action, but only if the malware authors have brown skin.

  9. Anonymous Coward
    Thumb Up

    @Jodo Kast

    There we go! Finally, a practical solution for the average user. Well done. It's amazing nobody thought of this before!

  10. Rich

    Known bad actor?

    So I've got this ad that points to - do I need to block it?

  11. Chris C

    @David Wiernicki

    Forgive me if I misinterpreted your tone, but it's late and I'm tired, so I can't tell if you're being sarcastic or not. If not, let me point out that using the hosts file is by no means new. It's been around for years (if not decades). That's how I set it up at one of my clients about 8 years ago, before they installed a transparent proxy with web filtering. They have a Windows server and all Windows workstations, so I created a text file they could edit and add to, and this file was copied to all users' hosts file (both Win9x and WinNT) in the login script. Of course, iptables+Squid+DansGuardian on the proxy/firewall is a much better option in my opinion, even for homes if the home has multiple computers.

  12. Anonymous Coward
    Thumb Down

    who cares as long as the big name sites and the ad companies get the cash

    who cares as long as the big name sites and the ad companies get the cash, its not like any of you will do anything other than sit there at your keyboards and type nasty emails on messageboards.

    you cant even be bothered to write a real letter, or fill in a court claim form down your local court house to bring private actions, do you even know were your local courthouse is, probably not.

    your always looking to someone else to do your hard work for you rather than (as the brits say) get of your fat lazy arse and help each other in a common lawful action.

    hell your so taken with the big business and their big bling you dont really care enough about this to do anything other than post.

    most effected people cant even be bothered to do that, they struggle to even take the time to read these so called user empowering messageboards and shake a finger, never mind post a comment.

    and even when they do finally take the time,some Master controller Mod will take control and closed the thread down for their own purposes and finantial reasons, see that phorm thread and their one rule for you and anything goes for the Mods LOL.

    you have to wonder how much advertising revenue that team will be seeing soon from these very big name sites and ad companys scratching the backs of the backs of the good and the great.

    now go and post your outraged emails and move along,so everyone can get back to makeing their profits and paying their good new friends their be my friend today, get a bonus tomorrow.

  13. Anonymous Coward
    Thumb Up

    anyone seen the new ‘'Malvertizement' epidemic ads threat

    im waiting for the ‘'Malvertizement' epidemic ads that fool people to to downloading and installing a valid Hosts file full of the worlds currently known ad IP address that directs them to

    do you think the worlds ad companies and their buddys might sponsor a MS patch to remove these hosts files.... ;)

  14. Dougal

    deary me...

    1. If you click an ad like this out of choice, you'll probably become a victim of darwinism in the near future. Probably by trying to "save time" by making toast in the bath.

    2. Common sense anyone? Oh I've been on this website .3 of a second and already you know my pc is "infected?" Hmm....

    3. Adblock...

    4. Adblock again just for good measure.

    5. Er...

    6. That's it.

  15. Tom Simnett
    Thumb Down

    @ Jodo Kast

    Interesting solution, but your final comment - "Where did they find their web developers?" - doesn't really fit here. It's not usually down to the web developers to decide on a network strategy, and it looks like NewsWeek have decided to use separate servers, or clusters of servers, (not in themselves accessed via a proxy) to deliver images/css/content.

    Talk to the network guys if you've got issues with this. Not the web developers.

  16. Matthew Ellen

    Too Many?

    "The use of multiple affiliates to buy and sell online ads also makes it hard for sales staff at established websites to separate legitimate ads from those that are designed to defraud or attack."

    Well, if that's the case, all ads should be hosted by Google. One point of failure then. Especially good, as we know we can trust them.

  17. Wayland Sothcott

    Most people are new to the Internet

    Due to the rapid and continuing growth in the number of Internet users most people have not been using the Internet very long. They are unacustomed to it's 'wild west' ways. They think it's like TV and that it's all safe and regulated. They have heard of viruses and spys and are only too willing to take advice about the dangers and how to protect themselves. However they are so gullible that they will take advice that pops up on their computer screen. They think the adverts on a website are endorsed by the site owners when in fact they could be on the same subject as the site but total opposite of what the site is about.

  18. Elmer Phud

    @ amanfromMars -- spot on, as usual.

    Many folks don't seem to bother to read through amfM's posts which is a shame as he often points out the bleeding obvious. Personally, I love the Evangelising stuff - the Use of Capitals that seems to mock the M$/Penquin fanbois and their campaigns to Spread the Word to the Masses (you don't need to find Jeezus to use big letters).

    He's right again on this one -- it's technology in action in the raw, isn't this what you are all striving for? - but you've got to accept that there is money to be made and it's all down to business in whatever form it takes. T'web is not a holy sanctuary where one is supposed to prostrate oneself at the alter of code - it's both a money-making machine and a playground.

    It's no different from any other aspect of life, nothing special, nothing holy, nothing that can't be used/abused depending on what you're after.

    People have been getting conned for as long as there have been people,

  19. Anonymous Coward

    Simple solution

    Make calle your favourite representative (all 'mocracies have them), and explain how it would benefit society that websites showing a "your computer is infested"-themed ad to a user that isn't infected, MUST pay that user something in the order of $1000. Explain how it would be in the politicians interest to make sure this turns into law, because they you won't call the local newspaper to get the same amount from them, for them _licensing_ the use of the pictures of that politician and the teenager. This usually gets them to consider things soberly, because as all good politicians they are even more concerned about protecting their political life, than lining their pockets from their "campaign contributors". Politicians going out of business usually has a harder time lining their pockets, so it's simple greed.

    If we can make sure there is money TO BE LOST from allowing such ads to surface, I'm fairly sure a solution will surface. In a matter of seconds. The solution is to remove the advertiser from the customer list of the adcorp.

    Since I know adcorps have less moral than leeches, I post anon

  20. nbc

    If you say so


    You may be right, but I have not got the time to wade through the Phud from amfM

  21. Pete
    Paris Hilton


    How much do they charge for 178 copies for our corporate network?

  22. Anonymous Coward
    Anonymous Coward

    Even the "respectable" . . .

    Many months ago attempted to log out of a session on the Guardian (UK) website. An advert from British Airways had animated (another intense irritation, for another time) its way into existence at the periphery of my vision. When I (thought I) clicked Sign Out, it turned out that the BA advert had placed a transparent window area over the Sign Out button, and I was redirected to their site. Relatively benign in this case, but there is absolutely no defence the end user can deploy against anything which might be delivered in this way.

    I wrote to the Guardian asking who was liable if they delivered malicious content to a user, but got no reply.

  23. Anonymous Coward
    Anonymous Coward

    How do we know the security researchers

    aren't trying to tick us into not installing them? :)

    Oh who to trust, in this wild and wacky web of a world.

  24. Andrew Oliver


    > If you've witnessed such ads, please leave a comment below.

    There's no way to tell as far as I can see.

    Surely I'd need to click it in order to realize it's a mal-ad, no?

    Unless you mean there are people who actually click ads on web pages?? weird.

  25. Anonymous Coward
    Anonymous Coward

    Do people want to see ads?

    I don't. Ever.

    Adblock here too --- and flashblock so I can decide not to see some other annoying stuff too.

  26. Brian Miller

    Our company has fallen

    At least three of our users have gotten various malware from exactly this.

    I just recommended the Adblock + and Noscript add-ons for firefox, but unfortunately only the technically aware use firefox habitually.

    Fingers crossed this will learn 'em good.

This topic is closed for new posts.

Other stories you might like