Google, Microsoft Ads Link to Malware

by John Lister on 20101215 @ 10:27PM EST | google it | send to friends
Filed under Security | (related terms: bogus, ad, microsoft, google, internet explorer)

According to security firm Armorize Technologies, both Google and Microsoft ad systems recently linked to web sites containing malicious software.

Once an infected link is clicked, Internet Explorer automatically installs bogus software that claims the user's PC is infected, requiring payment to remove the alleged problems.

Santa Clara based security firm Armorize Technologies says that the bogus links appeared on banner ads provided through DoubleClick (owned by Google) and MSN (Microsoft). The ads did not appear on Google or Bing's search results pages, but rather on third-party websites that had sold the ad space via Google and Microsoft.

Links Exploit Microsoft Internet Explorer

The malicious links exploited security flaws in Internet Explorer and automatically installed a bogus scareware application named "HDD Plus."

Posing as legitimate security scanning software, the bogus application claims a user's computer is infected or has serious technical issues, and requests a full (paid) version of the software to remove the alleged infections. (Source: infoworld.com)

Scammers Use Credit Card Double-Whammy

Many of the scams which operate online in a similar manner often use the double-dip principle: as well as getting the payment for a bogus upgrade, the scamsters behind the dupe also harvest credit card details of victims, though it's not known if this is the case with this specific piece of scareware.

Malware Spread Likely Due to Oversight

The bogus links were detected by Armorizes' security service, HackAlert.

At first, the security research team believed that the bogus links were coming from a legitimate ad marketing company AdShuffle; however, further examination revealed that domain name was "adshufffle.com" (note the extra 'f'').

That confusion looks to be the most likely reason that the ads were verified as "OK" and passed onto both Google and Microsoft's ad networks, though at this point it's speculative. An automated and computerized verification would have picked up the deliberate misspelling of the domain name, which suggests that the scammers running the bogus links succeeded in fooling a human ad representative.

HDD Plus, Others Likely to Continue Spreading

Armorize says it was "very surprised and impressed with the speed that DoubleClick acted" after being informed of the bogus ads. (Source: armorize.com) That said, the scam itself has in no way been eradicated and is expected to continue through the holidays using other ad networks and bogus websites.

Free eBook: Windows 7 - The Pocket Guide. Windows 7 is by far the most favorite and widely-used Microsoft operating system to date, and, there are literally thousands of customizations you can apply to it. This pocket guide will help you customize your Windows 7 PC and make it work in the easiest and most optimized way possible. The eBook is written in an easy to understand manner, whether you're a newbie or seasoned pro user. Click here to download this eBook now! Note: this eBook is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.

Free Newsletter

Stay informed -- get our timely news delivered via email or RSS!

Most Clicked Stories
(In the Past 15 Days)

Freebies

Recommended Sites

DownloadMix.com: More Freeware + Shareware

About

Established in 2001 and read by over 250,000 users world-wide, infopackets features the latest in headline news based on MS Windows, Internet, and technology trends. Subscription to our website is free! Join our discussion list, today!