New York Times shows bad banner ad
Visitors to the New York Times website over the weekend were sporadically confronted with scareware pop-ups telling them that their PCs had an infection. According to the newspaper, criminal elements succeeded in inserting banner ads into the newspaper's advertising network. The ads were then were displayed to visitors to the website.
This sort of thing is nothing new, indeed heise online, The H's associated publication in Germany, suffered a similar incident in early 2008. Many web portals now have established control mechanisms to prevent ads from untrusted sources from being displayed. In many cases, web servers load their ads from defined ad servers, to which banners and flash applets are uploaded by known advertising agencies and other customers.
In this case, the fraudsters passed themselves off as Vonage, which had previously advertised without incident on the New York Times website on a number of occasions, and which was authorised to load ad campaigns from servers belonging to external advertising service providers. This allowed the fraudsters to switch the external servers from serving genuine Vonage ads to serving their scareware ads.
It's currently unclear how many visitors to the site were affected. Diane McNulty, a spokeswoman for the Times Company, said that “In the future, we will not allow any advertiser to use unfamiliar third-party vendors".
Information on recognising scareware, protecting yourself from it and removing it can be found in the feature article "Thieves and charlatans - Rogue antivirus products" from The H Security.
- Malicious advertising banners distributed by eWeek, a report from The H.
- Malicious ad banners on popular websites, a report from The H.