Feeds

Kaspersky update slaps Trojan warning on Google Adsense

Tsk, you and your false positives

SANS - Survey on application security programs

Updated An update to Kaspersky's popular anti-virus software on Monday falsely identified Google AdSense as a malicious script.

As a result of the false alarm, Kaspersky users visiting sites in Google ad syndication network were falsely warned a site was infected with malicious Trojan-linked JavaScript. Network admins, swamped with inquiries, posted their experiences on a growing forum thread.

Kaspersky Lab published an update correcting the the Google AdSense on Monday. In a statement (extraxt below), the Russian security firm apologised for any inconvience caused by its admitted false alert.

An incorrect signature was added to the company's antivirus databases on 25 January at 07:00 Moscow time (GMT+3). As a result, Kaspersky Lab products erroneously blocked some legitimate websites containing the link on script http://pagead2.googlesyndication.com/pagead/show_ads.js, which is used in the contextual advertising system Google AdSense.

When users visited an affected web resource, a message was displayed stating that the page contained the malicious program Trojan.JS.Redirector.ar.

The problem was quickly resolved and by 19:00 Moscow time the company's products had stopped generating alerts for legitimate internet pages. Kaspersky Lab would like to apologize for any inconvenience this problem may have caused users. The company is continually improving its procedures for testing products and releasing updates to prevent such errors from occurring in future.

The AdSense cockup happened just hours after the bit.ly web address shortening service was wrongly added to Kaspersky's blocklist en masse as links to phishing sites. The Russian security firm said a fix for that problem would be published with its next malware definition update.

False positives still make for a well known shortcoming with anti-virus packages that affects just about every vendor from time to time. Flagging Windows systems files as potentially infected and shuffling them off to quarantine causes far more problems than if a false alarm happens to involve general applications.

Black-flagging such a widely used web application as Google AdSense arguably creates even more confusion, as the problem with dodgy Kaspersky Labs updates on Monday serves to illustrate. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.