Banner Ads Attack!

You thought you were safe didn't you? Being ever so careful not to enter a site you couldn't trust, scanning every email before you opened it. It was all so perfect...until that banner ad.

Late last week it was reported that hackers had found a remarkably sophisticated way to break into the average computer. Several trusted websites found malicious software hidden within banner ads on their web pages. Companies affected included The Economist.com, Canada.com, and MLB.com. (Source: cbc.ca) The amazing part about the scam was that you only had to visit the site and see the infected page for your system to be vulnerable.

The malware apparently snuck into the banner displays through DoubleClick's advertising management platform, Dart. DoubleClick is one of the most common Internet marketing companies on the web, and chances are you visit sites managed by their programs every day. The code was reportedly buried in Flash protocols making it extremely difficult to detect. (Source: Wired.com)

Exploit Prevention Labs, makers of Link Scanner Pro, explained the scheme in a YouTube video.  Once infected, the computer's web browser automatically closes and then reopens to a supposed anti-virus software site. Then a dialogue box tells the user that their computer is infected and begins to scan the hard drive. Following that, the program attempts to install software onto a computer called LongLifePC, and, if refused, tries to start a download again and again. (Source: You Tube)

According to EPL's video there is no immediate fix for the problem, and normal anti-virus software is not designed to be scan for the security threat until the user has already been redirected to the fraudulent website.

Wired.com, the first to break the story, reported Russian-based company Ad Traff is apparently behind the scam. The company is believed to be associated with another well-known malicious scheme operator, the Russian Business Network.

DoubleClick is aware of the problem, but seems almost powerless to stop it. In a statement to Wired, Sean Harvey, senior product manager at DoubleClick DART said, ""Unfortunately, there are bad actors who misrepresent themselves and purchase advertising as an avenue to distribute malware. This has the potential to affect all businesses and consumers in the online environment."

Not a particularly encouraging statement.

"We're entering a new phase on the worldwide web," the EPL video narrator says. "Some people call it Web 2.0, some people call it Web 'Uh-oh.' But the point is that it's a media-rich world that we're living in, and all of these websites are trying to make themselves as interesting as they possibly can, and as up-to-date as they possibly can. Which means that they're pulling traffic from all over, and they're pulling ads from all over because there's good money in it, and it's a dangerous situation...When does it stop? The answer is never."

Wonderful news to kick-off the holiday season!