More NewsAd Exchange Right Media Is Used to Spread a Virus

Ad Exchange Right Media Is Used to Spread a Virus

Up to 12 million infected ads were served recently to sites in the Yahoo-owned exchange.

Online ads infected with a Trojan virus have been delivered to users of numerous high profile sites participating in Yahoo-owned Right Media’s online ad exchange, according to Web security firm ScanSafe.

ScanSafe reported that during a period beginning August 8th and lasting until early September, it saw a surge in the number of a Trojan-Downloader.VBS.Agent it was blocking. The virus was being unknowingly distributed by over 70 Right Media ad servers, which Scansafe estimates delivered up to 12 million infected ads in recent weeks. Myspace, Bebo, Photobucket and The Sun were among the sites carrying virus-laden ads.

Although declining an interview, a Right Media spokesperson issued a statement saying, “We became aware of a Trojan [advertisement] introduced into the Right Media Exchange by a member network. The ad has been identified as a high risk creative and banned from the exchange”.

The Trojan itself required no interaction from the user to infect their machine, meaning that insufficiently patched operating systems were vulnerable simply by browsing to a page containing the ads. The adverts were being delivered to Right Media’s network from a third-party ad server, which was rotating both legitimate and infected ads. The infected placements delivered a Flash file generating an invisible ‘iFrame’, which prompted the download of a Trojan executable file.

In a recent press release, Dan Nadir, vice president for product strategy at Scansafe said “this is another example of how legitimate ‘trusted’ Web sites can unknowingly host malware. Online ads have become a primary target for malware authors because they offer a stealthy way to distribute malware to a wide audience”.

On its Web site, Right Media describes how each newly uploaded creative is run through a series of 10 tests in order to detect malicious activity. ScanSafe suggested the infected ads were designed to distinguish between scanning servers and regular site servers, and to deliver to the former ads with no malicious code to avoid detection.

Right Med’s spokesperson did not discuss future plans to prevent future incidents of this nature, but said the ad exchange is “committed to finding ways of keeping this type of activity away from consumers and publishers”.

The use of online advertising as a delivery mechanism for malware appears to be a rising menace. A report released earlier this summer by the Finjan Malicious Code Research Center found a rise in the use of affiliate ad networks to infect computers with keystroke loggers and other malicious code.

Related Articles

GDPR: The role of technology in data compliance

Data & Analytics GDPR: The role of technology in data compliance

1m Clark Boyd
What companies can learn from the We-Vibe lawsuit about the Internet of Things

Legal & Regulatory What companies can learn from the We-Vibe lawsuit about the Internet of Things

9m Al Roberts
Has advertising arrived on Google Home?

Media Has advertising arrived on Google Home?

9m Al Roberts
Target is the top retail digital marketer, so why is it struggling?

Ecommerce Target is the top retail digital marketer, so why is it struggling?

9m Al Roberts
YouTube is "on pace to eclipse TV" thanks to savvy algorithm use

More News YouTube is "on pace to eclipse TV" thanks to savvy algorithm use

9m Al Roberts
YouTube is getting rid of 30-second unskippable pre-roll ads

Ad Industry Metrics YouTube is getting rid of 30-second unskippable pre-roll ads

10m Al Roberts
Is Twitter slowly dying?

More News Is Twitter slowly dying?

10m Al Roberts
FedEx launches fulfillment service to take on Amazon

Ecommerce FedEx launches fulfillment service to take on Amazon

10m Al Roberts