Malicious advertising banners distributed by eWeek
eWeek, an online magazine, has become the victim of an advertising campaign that sends users malicious code, instead of the expected colourful advertising images. According to security expert Websense, an advertising banner, distributed via eweek.com yesterday (Tuesday) tried to install the Anti-Virus-1 scareware on visitors' computers using a malformed PDF document. The software reportedly pretends it has found a system infection to trick users into buying a full commercial version of the program.
eWeek has now responded and stopped the malicious advertising campaign. In a statement regarding the incident, eWeek said that not only eweek.com, but other web sites, within the Ziff Davis network, deployed the malicious banner. According to the statement, the attackers targeted an old security hole in Adobe Reader rather than the, as yet unresolved, security issue recently found in Adobe products.
Attacks via malformed Flash ads are actually quite common. The affected portals struggle to protect themselves against this method, because the banners are usually marketed by external contractors, who in some cases use their own servers to deliver advertising content to website visitors. Among the portals compromised last year were, for example, Myspace, Excite.com and a number of popular daily newspapers.
- eWeek Web Site Leads Users to Rogue Anti-Virus (AV) Application, a report from SecurityLabs
- Attackers Infect Ads with Old Adobe Vulnerability Exploit, a report from eWeek
- Flash banners manipulate the clipboard, a report from The H
- Malicious ad banners on popular websites, a report from The H