Msg#: 3484076 posted 3:52 pm on Oct 22, 2007 (gmt 0)
ComputerWorld reports [computerworld.com] of Trojan infested ads being served by 24/7 Real Media. Since October 8th, hackers inserted an iframe into the ads served by 24/7 and distributed trojans via the ad network servers. It's not known how widespread the attack is.
Andrew Storms, director of security operations at nCircle Network Security Inc. "So much of the content we consume today comes from many syndication services," Storms said in an e-mail interview. "We trust that the content provided to us by Internet 'blue chips' is safe from malware.
"This should be a wakeup call for sites which offer syndicated content," Storms said. "They need to take a more active role in ensuring the security of [that] content."
Msg#: 3484076 posted 5:01 pm on Oct 22, 2007 (gmt 0)
Wow, that's serious. 24/7 has a huge reach (121 Million uniques a month and possibly running for 2 weeks), coupled with the number of vulnerable systems out there means a lot of people will have been infected.
WPP (a large advertising company with deep pockets) now own 24/7. It'll be interesting, as they are a third party which most disclaimers will not cover (in terms of limiting liability from use of a site), to see if this turns into more than just a bad PR day.
Msg#: 3484076 posted 5:15 pm on Oct 22, 2007 (gmt 0)
I don't think this is too uncommon especially with lower-end advertising companies. I play an online game that has ads and for years I have caught their ads trying to install malware onto my PC.
I've reported it but they've never done anything about it. I've even shown them that they can make a lot more with more honest ads considering they have over 40,000 active players each who log on several times a day, but they never listen (or even respond). I've even sent them screenshots of the infected programs (and other needed software) and they still don't listen. On their official forum there is a running thread of what malware gets put on the PCs (or at least attempted to) and from where.