ie8 fix
madison

Zero Day

Ryan Naraine, Emil Protalinski and Dancho Danchev
Home / News & Blogs / Zero Day

Malware ads served from Gizmodo

By | October 27, 2009, 10:04am PDT

Summary: Popular gadget blog Gizmodo has acknowledged falling victim to an “elaborate scam” that served malicious ads for scareware (fake anti-virus) to its readers.

[ UPDATE: Dancho has more details on this attack ]

Popular gadget blog Gizmodo has acknowledged falling victim to an “elaborate scam” that served malicious ads for scareware (fake anti-virus) to its readers.

In an apology posted online, Gizmodo said the its ad sales team was tricked into running malicious ads purporting to be from Suzuki.  This follows a similar attack that affected advertisements served from the New York Times site.

Here’s the note from Gizmodo’s editor:

Guys, I’m really sorry but we had some malware running on our site in ad boxes for a little while last week on Suzuki ads. They somehow fooled our ad sales team through an elaborate scam. It’s taken care of now, and only a few people should have been affected, but this isn’t something we take lightly as writers, editors and tech geeks. (And we would have noticed sooner except everyone on staff is on OS X or Linux for production machines.) Everything should be cleared up but you should be checking “qegasysguard.exe” if you’re experiencing random popups. Be careful, load up some antivirus and make sure your system is clean. I’m sorry.

Here’s a good primer from SANS on the malvertising scourge.  Also see Dancho’s ultimate guide to scareware protection.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Zero Day”

Topics

Advertisement, Blog, Malware, Gizmodo, Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.

Disclosure

Ryan Naraine

The most important disclosure is of my employment with Kaspersky Lab as a member of the global research and analysis team. Kaspersky Lab is a global company specializing in anti-malware and secure content management technologies. I do not own stocks or other investments in any technology company.

Biography

Ryan Naraine

Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content management technologies.

Prior to joining Kaspersky Lab, Ryan was Editor-at-Large/Security at eWEEK, leading the magazine's and Web site's coverage of Internet and computer security issues and managing the popular SecurityWatch blog, covering the daily threats, vulnerabilities and IT security technologies. He also covered IT security, hacker attacks and secure content management topics for Jupiter Media's internetnetnews.com.

Ryan can be reached at naraine SHIFT 2 gmail.com. For daily updates on Ryan's activities, follow him on Twitter.

16
Comments
Add Your Opinion

Join the conversation!

Just In

RE: Malware ads served from Gizmodo blog
FAULKNE 13th Oct
Good day to confirm this comment I would appreciate T h e b e s t o f Z D N e t d e l i v e r e d your website very nice to everyone Yes, Oracle is the only one with shared-disk architecture, but that is there advantage. It means you can add or remove nodes and the database lives on. In a shared nothing architecture, if you lose a node, you lose the system. I'm sure Oracle appreciates EMC highlighting their advantage.I also desire to signal in your RSS feeds. Thank you as soon as once again and maintain up the great operate Awesome post! Thank you very much || thanks for nice content this is really benefit to me.
View in thread
0 Votes
+ -
Disclosure please!
Joe_Raby 27th Oct 2009
I'd like to know who their ad partner was.
0 Votes
+ -
Disclosure please!
n0neXn0ne Updated - 27th Oct 2009
I'd like to know the platform(s) affected.

(fake anti-virus) ...
(And we would have noticed sooner except everyone on staff is on OS X or Linux for production machines.)

I can only guess. But I shouldn't have to.

thx

^o^

0 Votes
+ -
Is is really needed?
The Mentalist 27th Oct 2009
How many malware friendly systems do you know?
0 Votes
+ -
Many
AzuMao 27th Oct 2009
ReactOS, WINE, Cedega, DOS, and ????????..
0 Votes
+ -
All of them...
mrlinux 27th Oct 2009
NT
0 Votes
+ -
They may all have potential vulnerabilities but not all of them make it...
The Mentalist 27th Oct 2009
easy on malware writers.

As far as I know there is only one family of OSes that does that.
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
efsane Updated - 8th Apr 2011
Well done! Thank you very much for professional templates and community edition
sesli sohbet sesli chat
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
myclub 1st Jul
ewet dedim ama neyse
http://www.bbgporn.com/
http://www.hmmtube.com/
dogru deme
http://www.erotiktube.org/
http://www.52tube.com/
http://www.wctube.com/
http://www.cameporn.com/
http://www.escortbayan9.com/
tamam dedim
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
MACKENZI 11th Sep
I also desire to signal in your RSS feeds. Thank you as soon as once again and maintain up the great operate! nccma cooler
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
PEARLINEI 12th Sep
I used to be more than happy to seek out this internet-site.I wanted to thanks in your time for this glorious read!! I positively enjoying each little bit of it and I have you bookmarked to check out new stuff you weblog post. this thread is amazing i like your work and i appreciate you that you have share a useful stuff thanks for sharing the i shop abatwa
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
RHIANNONA 13th Sep
I used to be more than happy to seek out this internet-site.I wanted to thanks in your time for this glorious read!! I positively enjoying each little bit of it and I have you bookmarked to check out new stuff you weblog post.Bookmarking now thanks please consider a follow up post. power sa shop
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
SATURNINA 14th Sep
I think the representation of this article is actually superb one. This is my first visit to your site. Thanks a lot and keep sharing the information. Keep updating the information for all of us. Thanks ZDNet Government was launched as the brand's first industry vertical, with a mission to cater to IT professionals in the public secto I agree with your post. However, do you have any sources I can cite for my paper wheel car com bury
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
TOCCAR 25th Sep
Well welcome, hopefully you can become a vital member of the community and really help to push far ahead of google. Which Im sure the development team would love. This will of course earn you alot points too and get you on the leaders board. z d n e t t h a n k Im not sure i come to an agreement with you on every level, howevor it absolutely was a good posting, many thanks for taking the time to put up your ideas.
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
MCKNIGH 26th Sep
Thanks nice info z d n e t I really liked your current article write more..let me add you to its favorite The articles you have on zdnet s i t e are always so enjoyable to read. Good work and I bookmarked it.
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
MEJIAHA 30th Sep
Fantastic news about the new release.I positively enjoying each little bit of it and I have you b o o k m a r k e d to check out new stuff you weblog post.Im not sure i come to an agreement with you on every level, howevor it absolutely was a good posting, many thanks for taking the time to put up your ideas
0 Votes
+ -
RE: Malware ads served from Gizmodo blog
FAULKNE 13th Oct
Good day to confirm this comment I would appreciate T h e b e s t o f Z D N e t d e l i v e r e d your website very nice to everyone Yes, Oracle is the only one with shared-disk architecture, but that is there advantage. It means you can add or remove nodes and the database lives on. In a shared nothing architecture, if you lose a node, you lose the system. I'm sure Oracle appreciates EMC highlighting their advantage.I also desire to signal in your RSS feeds. Thank you as soon as once again and maintain up the great operate Awesome post! Thank you very much || thanks for nice content this is really benefit to me.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix