Feeds

MySpace slams ad networks over 'scareware'

Para-sites

SANS - Survey on application security programs

Updated MySpace has engaged in its fair share of fights over the past few months, battling alleged spammers and fending off lawsuits. Now we're hearing an allegation that the social networking site has been serving ads that hock pesky programs known as "scareware." And rather than call out the big guns, the social networking site is rolling over and playing dead.

James Kingsley, a PhD student in the UK city of Sheffield, said his wife encountered ads on Monday while tending to her MySpace account. The insult, he said, extended to repeated attempts by one of the advertised parasites to install the program using ActiveX.

MySpace screenshot with DriveCleaner ad

"That's the thing that really struck me as being malicious," Kingsley told us. "Although my wife is pretty skeptical about these things my mum wouldn't be."

The two pieces of offending software, Kingsley said, included WinAntiVirus Pro and DriveCleaner, and he included screen shots - posted here - that appeared to back up his claim. One shot also appears to show a warning from Internet Explorer that winantivirus.com was trying to install a program.

Security companies have issued warnings about both programs. Sophos, for instance, says WinAntiVirus loads a "spyware detection installer application which downloads applications that may exaggerate threats on a user's computer and ask user to buy software to remove these threats." Indeed, using Google to search for "winantivirus" and clicking on site associated with the product results in a rather terse warning that "visiting this web site may harm your computer!"

The same warning happens for DriveCleaner, which Symantec describes as "a security assessment tool which gives exaggerated reports of security and privacy risks on a computer."

MySpace, after promising on Monday to look into Kingsley's report, failed to respond to the half-dozen emails and phone calls we left over the past two days. We were unable to locate the maker or makers of WinAntiVirus and DriveCleaner for comment.

So we are appealing to you, our esteemed readers, to relate any instances of MySpace or other mainstream sites serving naughty ads. Please contact your reporter at the link above. ®

Update

Several hours after our story appeared, a MySpace spokeswoman issued the following comment:

Adware is against MySpace's terms of service. These ads are being delivered by ad networks who distribute them to over a thousand sites across the Internet in addition to ours. We work to have these ad networks remove such ads so that they do not appear on our site.

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.