Up to 12 million infected ads were served recently to sites in the Yahoo-owned exchange.
Online ads infected with a Trojan virus have been delivered to users of numerous high profile sites participating in Yahoo-owned Right Media's online ad exchange, according to Web security firm ScanSafe.
ScanSafe reported that during a period beginning August 8th and lasting until early September, it saw a surge in the number of a Trojan-Downloader.VBS.Agent it was blocking. The virus was being unknowingly distributed by over 70 Right Media ad servers, which Scansafe estimates delivered up to 12 million infected ads in recent weeks. Myspace, Bebo, Photobucket and The Sun were among the sites carrying virus-laden ads.
Although declining an interview, a Right Media spokesperson issued a statement saying, “We became aware of a Trojan [advertisement] introduced into the Right Media Exchange by a member network. The ad has been identified as a high risk creative and banned from the exchange”.
The Trojan itself required no interaction from the user to infect their machine, meaning that insufficiently patched operating systems were vulnerable simply by browsing to a page containing the ads. The adverts were being delivered to Right Media’s network from a third-party ad server, which was rotating both legitimate and infected ads. The infected placements delivered a Flash file generating an invisible ‘iFrame’, which prompted the download of a Trojan executable file.
In a recent press release, Dan Nadir, vice president for product strategy at Scansafe said “this is another example of how legitimate ‘trusted’ Web sites can unknowingly host malware. Online ads have become a primary target for malware authors because they offer a stealthy way to distribute malware to a wide audience”.
On its Web site, Right Media describes how each newly uploaded creative is run through a series of 10 tests in order to detect malicious activity. ScanSafe suggested the infected ads were designed to distinguish between scanning servers and regular site servers, and to deliver to the former ads with no malicious code to avoid detection.
Right Med's spokesperson did not discuss future plans to prevent future incidents of this nature, but said the ad exchange is "committed to finding ways of keeping this type of activity away from consumers and publishers”.
The use of online advertising as a delivery mechanism for malware appears to be a rising menace. A report released earlier this summer by the Finjan Malicious Code Research Center found a rise in the use of affiliate ad networks to infect computers with keystroke loggers and other malicious code.
Learn Digital Marketing Insights From Leading Brands!
ClickZ Live Chicago (Nov 3-6) will deliver over 50 sessions across 4 days and 10 individual tracks, including Data-Driven Marketing, Social, Mobile, Display, Search and Email. Check out the full agenda, or register and attend one of the best ClickZ events yet!
Jack Marshall was a staff writer and stats editor for ClickZ News from 2007 until August 2011.
Hong Kong, October 21-22
London, November 13-14
San Francisco, November 13-14
London, November 18-19
To help brands control how they appear online, Google has developed a new offering: Google My Business Locations. This whitepaper helps marketers understand how to use this powerful new tool.
82 percent of shoppers say they would buy more items from a brand if the emails they sent were more personalized. This white paper offer five tactics that will personalize your email beyond the subject line and drive real business growth.
October 23, 2014
1:00pm ET/10:00am PT