Up to 12 million infected ads were served recently to sites in the Yahoo-owned exchange.
Online ads infected with a Trojan virus have been delivered to users of numerous high profile sites participating in Yahoo-owned Right Media's online ad exchange, according to Web security firm ScanSafe.
ScanSafe reported that during a period beginning August 8th and lasting until early September, it saw a surge in the number of a Trojan-Downloader.VBS.Agent it was blocking. The virus was being unknowingly distributed by over 70 Right Media ad servers, which Scansafe estimates delivered up to 12 million infected ads in recent weeks. Myspace, Bebo, Photobucket and The Sun were among the sites carrying virus-laden ads.
Although declining an interview, a Right Media spokesperson issued a statement saying, “We became aware of a Trojan [advertisement] introduced into the Right Media Exchange by a member network. The ad has been identified as a high risk creative and banned from the exchange”.
The Trojan itself required no interaction from the user to infect their machine, meaning that insufficiently patched operating systems were vulnerable simply by browsing to a page containing the ads. The adverts were being delivered to Right Media’s network from a third-party ad server, which was rotating both legitimate and infected ads. The infected placements delivered a Flash file generating an invisible ‘iFrame’, which prompted the download of a Trojan executable file.
In a recent press release, Dan Nadir, vice president for product strategy at Scansafe said “this is another example of how legitimate ‘trusted’ Web sites can unknowingly host malware. Online ads have become a primary target for malware authors because they offer a stealthy way to distribute malware to a wide audience”.
On its Web site, Right Media describes how each newly uploaded creative is run through a series of 10 tests in order to detect malicious activity. ScanSafe suggested the infected ads were designed to distinguish between scanning servers and regular site servers, and to deliver to the former ads with no malicious code to avoid detection.
Right Med's spokesperson did not discuss future plans to prevent future incidents of this nature, but said the ad exchange is "committed to finding ways of keeping this type of activity away from consumers and publishers”.
The use of online advertising as a delivery mechanism for malware appears to be a rising menace. A report released earlier this summer by the Finjan Malicious Code Research Center found a rise in the use of affiliate ad networks to infect computers with keystroke loggers and other malicious code.
On the heels of a fantastic event in New York City, ClickZ Live is taking the fun and learning to Toronto, June 23-25. With over 15 years' experience delivering industry-leading events, ClickZ Live offers an action-packed, educationally-focused agenda covering all aspects of digital marketing. Register today!
Jack Marshall was a staff writer and stats editor for ClickZ News from 2007 until August 2011.
Hong Kong, May 5-6, 2015
Gartner Magic Quadrant for Digital Commerce
This Magic Quadrant examines leading digital commerce platforms that enable organizations to build digital commerce sites. These commerce platforms facilitate purchasing transactions over the Web, and support the creation and continuing development of an online relationship with a consumer.
Paid Search in the Mobile Era
Google reports that paid search ads are currently driving 40+ million calls per month. Cost per click is increasing, paid search budgets are growing, and mobile continues to dominate. It's time to revamp old search strategies, reimagine stale best practices, and add new layers data to your analytics.
May 6, 2015
12:00pm ET/9:00am PT