In association with heise online

14 December 2010, 16:45

The trick with the f: Google and Microsoft web sites distribute malware

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Last week, Google's DoubleClick advertising platform and Microsoft's online ad network briefly distributed malware to other web sites in the form of advertising banners. Visitors to and other web sites then received scareware. Although according to a Google spokesman, the malware filter in the "DoubleClick Ad Exchange" system did automatically block a number of malicious ads.

Third-party advertising banners distributed via DoubleClick and were the source of the attacks. Apparently, criminals managed to appear as if they came from AdShuffle, an established advertising platform, simply by using their own server with an address reading (three fs). The banners were downloaded from this server.

In user's browsers, the banners opened an iframe, where the Eleonore toolkit attempted to exploit holes in Java and Adobe Reader to infect PCs. The infection presented itself as a hard drive recovery tool called HDD Plus, which told users they had a hard drive problem and tried to convince them to purchase a full version of the bogus tool.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit