Visit our Facebook page and become a fan.
'Malvertisements' Take a Toll on Businesses, Consumers
Ads tainted with malware are likely infecting millions of PCs, according to security intelligence firm RiskIQ. A recent rash of infections triggered bogus security warnings, followed by an offer for fake antivirus protection. Consumers bedeviled by fake anti-virus pitches have started bad-mouthing web sites they believe triggered the bogus promos.
Consumers browsing popular Web sites increasingly are encountering ads that infect their computers -- and the online advertising industry is scrambling to quell the problem.The spread of "malvertisements" has risen tenfold over the past year -- spiking to nearly 15,000 tainted ads in May, likely infecting millions of PCs, according to security intelligence firm RiskIQ.
Tainted ads were found on "major sites such as weather.com, foxsports.com, monster.com and usnews.com, just to name a few," says Elias Manousos, CEO of RiskIQ.
A recent rash of infections triggered bogus security warnings, followed by an offer for fake antivirus protection.
Last month SpeedTest.net -- a popular Web site that consumers use to measure the speed of their home high-speed Internet connection -- was hit by the tainted ads.
Simply navigating to the site launched the promos, which locked up the visitor's PC until he or she purchased worthless "protection" for $35.
Organized-crime gangs have streamlined the process of sneaking viral ads into the distribution system used by advertising networks to place ads on Web sites.
"The average home computer user faces a high risk of being attacked by malvertisements," says Vincent Liu, managing partner of security consultancy Stach & Liu.
"Most Web sites aren't as on top of this as we are," says Doug Suttles, chief operating officer of Web diagnostics firm Ookla, SpeedTest's parent. "We were surprised someone got in. We quickly stripped it out and locked things down."
However, tens of thousands of other Web sites that use the same technology to deliver legitimate ads to their sites are wide open to this new type of attack, says Matt Huang, chief operating officer of Web site security firm Armorize.
In another twist, consumers bedeviled by fake anti-virus pitches have started bad-mouthing Web sites they believe triggered the bogus promos. Armorize has documented numerous consumer complaints that have gone viral on Twitter and other social networks, causing a drop in visits to the sites.
"Publishers are seeing their traffic and transactions drop in real time," Huang says. "They are seeing an immediate financial impact from warnings appearing all over Twitter not to visit their site."
Validating ads has become a major conundrum. Web publishers trust the ad networks to continually rotate ads to their Web pages.
Meanwhile, the big ad networks, such as Google, Adobe, Microsoft and Yahoo, use automation to pull in ads from a series of smaller networks and agencies. "The process isn't flawless, and thus malvertisements end up running in the wild," Manousos says.
Consumers can protect themselves by making sure their anti-virus programs and all updates are current for their Web browsers and popular applications, especially Adobe Flash and Adobe PDF.
Wireless Business Solution Zee Tawasha