How ads on legitimate web sites can lead to malware and unwanted software

Summary: One of the great myths of security is that if your PC is infected with malware it’s your own fault. You shouldn’t have been searching for porn, downloading pirated software, or snagging bootleg DVDs from BitTorrent. But that's no longer true. These days, even ads on a legitimate web page can lead to unwanted, potentially malicious software. Here's an example.


  • This ad appeared at the bottom of a post on a lightly trafficked but legitimate blog. Notice the animated graphic and yellow bar, both designed to mimic the appearance of similar “missing plugin” messages from browsers. The ad was served by a third-tier ad network, AdBrite.

    For more details, see "Social engineering in action: how web ads can lead to malware."

  • Clicking the ad takes you to a page that uses more social engineering to simulate the experience you might have trying to play a video file in your browser. The spinning wheel next to the word “Buffering” suggests that the page is trying to download a video but is being stopped somehow.

    Although this screen was captured in Google Chrome, the experience is identical in other browsers, including Internet Explorer.

  • If you run the unsigned download, this installer starts up. It certainly looks like the real thing, and it even offers a choice of Express or Custom installations.

    It actually does install a version of the Xvid codec, but it also includes a few unwanted extras...


Topics: Browser, Malware, Security, Software


Talkback

9 comments
  • RE: How ads on legitimate web sites can lead to malware and unwanted software

    Thanks for educating people on how this works. With the rise of computers infected with malware especially through various websites and more and more people who are less tech savvy being on the web it is important to educate them.
    kabo0m
  • RE: How ads on legitimate web sites can lead to malware and unwanted software

    This is why learning to set a Restore Point BEFORE installing ANYTHING! is so important. It's the only real way to completely un-install and rid yourself of this crap once installed.
    The Rifleman
    • Not always

      @The Rifleman A lot of the malware will "infect" your restore points.
      jred
      • RE: How ads on legitimate web sites can lead to malware and unwanted software

        @jred: OK, restore point THEN back up.
        ALISON SMOCK
      • RE: How ads on legitimate web sites can lead to malware and unwanted software

        @jred "Not Always"

        This is true with 32-Bit Operating Systems. It is almost non-existent on 64-Bit Operating Systems as my Vista 64 has NEVER! succumbed to any attacks in more than 2 years of "Live" operation. I do patch and update everything when patches and updates are made available. However, Vista 64 is the most rock-solid Windows I have ever used.

        I did impale myself with a Registry Cleaning tool. Even the green light safe to remove stuff really isn't safe to remove. I now use a software tracker that watches the install and then removes everything when I want a particular program uninstalled.

        My security program now is multi-layered. Simply relying on a Fire-Wall or just a single program like an Anti-Virus Scanner is not enough.

        Windows is now run under 7 Layers of security protocol starting at my Router and running down the security pole. It is further run in a N.A.T. in a Virtual Machine and the I.P. Address of Windows that is assigned is nothing close to the normal scheme of my D.H.C.P. Server in my Router. This is because I have deployed a second D.H.C.P. Server in my VM.

        I run a "Paid For" Anti-Virus program with RootKit and Mal-Ware detection included. While not impervious, I would not hesitate to say... My Windows Vista is pretty well locked down.

        I have also turned off the "SVHost" Chatty-Kathy. Windows does not respond to I.C.M.P.'s, Pings, or other initiators as it would normally and it is not screaming to the world through an SVHost to connect with it. Network traffic is filtered and Windows is told by its VM and Host Linux when it can talk and when it can listen. - Otherwise it has to sit down and shut-up!

        Because I use a computer primarily for creative uses with my photography, I know the status of my Codecs and never install on-demand. Even when Windows Update wants to install my proprietary drivers, I check with the maker of my peripheral and download theirs and not the MS Equivalent.
        The Rifleman
  • RE: How ads on legitimate web sites can lead to malware and unwanted software

    The article told us how the malware is added to our computer. However, will there be a follow up on how to rid our computer of the damages?

    Aaron
    aaronep@...
  • OK for expert users

    Rifleman's response clearly shows that if you are an "expert" user then you can make your PC more secure - but the average user would not have a clue what he was talking about. (no offence intended). I am reasonably "expert" but having to take this kind of response spoils the whole experience of using a computer in the first place.

    My remedy is a full partition back up to an external drive so that in the event of a drive by virus I can simply open the computer from a boot CD and leave it to restore while I am sleeping. My back up is weekly but I also have backups of my content on a daily basis. I use paragon free back up tools. This however is again probably more complex than most users would do and the problem for many is that they only turn their computers on when they are actually using them which makes scheduled back up difficult.

    One of the other problems is that recent OS's tend to try and hide their workings from the user to make it simpler however this means that the users know even less about how to protect themselves. If this is the path they are continuing down then the protection systems need to be built in and fairly foolproof.
    cymru999
    • RE: How ads on legitimate web sites can lead to malware and unwanted software

      @cymru999
      "but the average user would not have a clue what he was talking about. (no offense intended)."
      None taken. You raise a good point I have been trying to make in my I.T. circles for years! How much does a User have to know to properly protect themselves from the threats? Most people look at a computer the same way they look at their toaster. It's an appliance with a specific job to do. Imagine if we needed this kind of knowledge about other things like cars, refrigerators, stoves. We'd all be going nowhere and be hungry because the food that didn't rot couldn't be cooked before it, too, rotted!

      "If this is the path they are continuing down then the protection systems need to be built in and fairly foolproof."
      This is a point ALL Developers should take seriously! The more a User is removed from the mechanics of the O.S., the more secure they will feel by design.

      Security is both real and imagined. You can have a sense of "Real" security when it doesn't exist and you can have a high state of imagined security when it too!, does not exist. The issue of computer security is quickly outpacing the User's ability to cope.

      Many Users I talk to don't believe the situation is as dire as it really is. The story sounds so incredible to them, that it just can't be so. Guess who the prime targets are in this war. The Users that can't get a grip on the magnitude of its seriousness.

      It is this User mind-set that keeps the money flowing in as all I do these days is recover computers for friends, family and Small Businesses because they think I'm whacked with my talk of how severe this really is.

      "Windows 7 is so much better than any previous Windows Release; I don't need an Anti-Virus program anymore." is one comment I just recently heard. NOT GOOD!
      The Rifleman
  • 64Bit OS is not safe

    I am running 64bit system on all my home machines. My daughter's got infected. So... yeah... better but not failsafe.
    ktag