Yahoo! pimping malware from banner ads
Doesn't seem to care
Agentless Backup is Not a Myth
Over the past three days, Yahoo has been exposing visitors to banner ads that try to trick them into installing malware, and there's no indication anyone at the company is even aware of the problem.
According to Microsoft MVP Sandi Hardmeier's "Spyware Sucks" blog, the ads are displayed across a wide swath of the web portal's sprawling empire, including Yahoo Mail, Yahoo Groups and Yahoo Astrology. Hardmeier first sounded the alarm on Saturday, and yet on Monday, Yahoo continued to run the rogue ads, she reported. El Reg emailed three different Yahoo PR reps but never did get a response.
"I wonder how many hits Yahoo gets per day, and how many people are being exposed to fraudware, while these advertisements are allowed to remain online," Hardmeier wrote.
The ads pitch women's deodorant, but behind the scenes, they contact servers that have been used by previous rogue ads targeting high-traffic websites. Typically, the ads produce a pop up that looks strikingly similar to official Windows dialog pop-ups that urge the end user to download software to fix problems. Expedia, Rhapsody, MySpace, Excite, Blick, and CNN.com have all served up similar malicious ads in the past.
Attackers who shoe horn their banners onto reputable sites usually take advantage of the highly decentralized way that online advertisements are sold. It's not unusual for there to be a succession of affiliates, making it possible for an attacker to pose as an authorized agent of a name-brand product or service. In this case, Yahoo has gotten hoodwinked into running ads that point to adtds2.promoplexer.com, which has been implicated in previous rogue banner attacks.
Remember, folks, that the NoScript extension for Firefox is your friend here. Even if you've whitelisted Yahoo, it will block Adobe Flash being sent from the attacker's website. Nice to know someone's looking out for you. ®
COMMENTS
@Nick Askew
Once sites pay me for the bandwidth and time I waste downloading their mass of text / image / flash based ads which are never relevant, I will turn off Adblock & NoScript. Till then they can suffer in their jocks!
Ah yes! Content for free.
I sympathise with all of you with your struggle against advertising, especially malware disguised as advertising. It is clearly the responsibility of the agents to vet the adverts they are pushing onto other peoples sites. So Yahoo clean up your act!
But those of you who object to advertising on principle, and install ad blockers just because you don't want to see adverts, are forgetting something. The sites that display adds sometimes use that to keep their sites free. For example this site is showing Google adds and has been for a long time. Perhaps you would prefer to pay a subscription fee for the reg.
Right I'm off to click on a few adds to help keep the reg free.
IT infrastructure monitoring strategies
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
Data control in the cloud
Cloud based data management
Agentless Backup is Not a Myth
