Feeds

back to article Ad networks owned by Google, Microsoft serve malware

Two of the world's biggest ad serving networks – one owned by Google and the other by Microsoft – have been caught delivering booby-trapped banner ads that infect computers with malware without any action required on the part of the end user. The ads on Google's DoubleClick and Microsoft's rad.msn.com contained heavily …

COMMENTS

This topic is closed for new posts.
Silver badge

I can't imagine

these companies informing the marks, sorry consumers, that blocking the ad servers at the router/firewall will protect systems from the malware served by said systems.

Are these companies not responsible for what they serve? Shouldn't they pay compensation fro the damage caused by any malware that they serve?

7
0

dodgy ads

this has been going on for years, it's how most big businesses make a profit

0
0
Alert

A good reason to use FF

Noscript + Adblock

15
1

Close

Noscript + Adblock + anything but Windwoes.

4
1

This post has been deleted by a moderator

Silver badge

or

or, indeed, a hosts file such as http://www.mvps.org/winhelp2002/hosts.htm

0
0
FAIL

js

"Similar attacks can be avoided in the future" by using a very simple tactic...

SERVE ONLY IMAGES

... no poxy javascript or flash. A simple image with a link to whatever is being advertised.

20
0
Gold badge

Images

Image exploits are possible, not heard of any recently though.

2
0
Unhappy

Title

Do you remember that lovely gdi+ bug not long ago?

0
0

While I agree with you that ads should only be images

There have been exploits that trigger on little more than buffer overruns by corrupt images. So, um, yeah. If you really want to be safe, use Lynx.

1
0

Title

*Double checks that these domains are blocked in NoScript*

Move along.

5
0
Bronze badge
Pint

Oh for the love of...

Why the hell aren't people blocking this tripe? There is absolutely no reason to have ads in a pages, get stocked up with AdBlock+, NoScript, etc. I always tell people who use FF to always install AdBlock+ and if they wish, FlashBlock too. You will get faster loads and nicer, easier to read pages.

Not only are ads bloody annoying, they're Web equivalent of finding "dog-links" on the pavement outside your house, they break up the page flow and slow the loads times. Certain tech news sites, ahem, look much better without the nasty ads breaking the flow with all that horrible kerning.

Sorry Reg, but your pages just look much nicer without the ads!

4
0
Thumb Up

Not all ads

I too am a NoScript fan and that's good enough. Without scripting the worst offenders - and infections - are dealt a hefty kick to the virtual nuts. And yes the decrease in load times is very welcome too. I'm so used to the slimline version of the web that it has become shocking to see what other people have to put up with.

Particularly on the Reg I am fine with the text adverts and occasional animated GIF. They're not so garish as to be distracting and they do serve a purpose after all, to pay for my favourite periodical. Long live El Reg! Love live saint Paris!

2
0
Silver badge

...and

we'd never have seen the cow with the flaming flatulence if we were blocking...

0
0
Stop

US Intelligence Could Be Behind This

Google is known for their technology competence. Now they serve up viruses ? Come on...

TheRegister has reported that a USGOV contractor "takes over" botnets to provide intelligence to US agencies (probably CIA and NSA). What if that "contractor" is behind this.

You will not notice it like you notice the "commercial viruses" because your DSL modem flashes while pumping out spam or doing DDOS. Al this thing will do is to get the new "target requirements list" from Langley every few days. After some time the harddisk head will be moving a little to check the index the virus has already created for matching keywords.

Now that the US economy is doing so badly I am sure they will lend a "helping hand" to their ailing corporates. Airbus, Arianespace and Daimler employees beware !

0
1

This post has been deleted by a moderator

Gates Horns

noscript + adblock plus

toss in Linux (or MAC) and you are pretty safe

2
0

yay

It's shit like this that makes you realize that these ad folks are probably more dangerous than they're worth.

yay adblock and noscript. The main reason I use them is to stop the jitterbugs and other annoying crap, but if it helps stop this kind of bull I'm happy with that.

Moving right along.

1
0
Grenade

oops

<edits hosts file>

2
0
Grenade

Hosts file is the best solution

I have all the ad-serving domains aliased to 127.0.0.1 in my hosts file. Sod the lot of 'em.

http://www.theregister.co.uk/Design/graphics/icons/comment/grenade_32.png

0
0

Just another reason...

...for websites to offer their readers/consumers/whatever the option of a paid subscription or an ad-funded model. Some of us do want to support our favourite websites…but like hell am I giving up my AdBlock or NoScript!

0
0
Anonymous Coward

on my menu everyday

adblock + ghostery

0
0
Anonymous Coward

ad twats

These ad networks should be liable for any damage caused.

Can anyone get anything right? Seems not!

1
0
N2
Thumb Down

Double Click shite

Blocked at the router

Blocked by Ghostery

Controlled by NoScript

& filtered by Adblock Plus

Along with anything else remotely similar

3
0
Silver badge

Of bears and great detectives....

We need a defecating ursid / non-defecating fictional Victorian detective icon.

1
0
Anonymous Coward

using FF and ad-ons doesn't always work

I've tried using FF and such and this caused a huge number of tracking cookie to appear on my machine. My machine slowed considerably.

WTF?

0
0
Silver badge
Unhappy

Will be the death of a lot of smaller sites however.

A lot of small sites live on their ad revenue and that will dissapear as a result of infected ads and all of us blocking them.

I now visit some enthusiast sites that now detect that I'm blocking their ads and politely advise me that in doing so I am not helping them continue running their site.

Damned if you do, damned if you dont.

Hmmm but the suspicious side of me thinks...if ad revenue totally dried up on the web then who would be left to.....oh thats right...just govt websites. Yup, its a conspiracy. lol

1
0
Linux

Small sites can have a good future

Small sites don't get much ad revenue by definition. My websites get zero ad revenue and this will continue because my users' attention is much too precious a commodity for me to want to sell this to third party advertisers. I'm a subscriber to a site ( lwn.net ) which tried initially to pay for journalism through ads. This wasn't going to work (not enough money from ads to cover costs) and the regular readers persuaded the site to keep going by offering subscriptions.

If a website is of genuine value, the regular users will want to pay the piper in preference to it closing down.

0
0
Anonymous Coward

Ttir,amctao/d

"if ad revenue totally dried up on the web then who would be left to.....oh thats right...just govt websites."

All websites that have something to sell? It's a little strong to suggest that the collapse of the ad market would lead to the demise of sites like Amazon or the likes...

I agree that the little guys suffer though. Maybe it's time for the emergence of ad companies who cater for the little guy. Then you could just unblock IndieAds.com or whatever. Pity there's so much less money to be made from it.

0
0

ad merchants have themselves to blame

if you have ever tried to pick through the remote and obfuscated JS being served to your site by an ad vendor and you will soon see they care only for themselves. "Make sure the page waits for our slow ads to show first" etc is not unusual to hear.

Block em all.

0
0

Any Idiot

Any idiot who surfs with JavaScript turned on deserves what he gets.

0
0
Silver badge

Nice ads needed

Like most commentards here, I block ads because they annoy and distract. This piece of news gives me even more cause to do so. But I appreciate the role of ad revenue in keeping useful and entertaining web sites going, so I feel slightly guilty about blocking.

Interestingly, the text-based ads and sponsored listings on Google don't annoy me (though they may be deplorable for other reasons).

What's needed is an ad server that is guaranteed to deliver only plain HTML, perhaps with the more garish tags and large fonts outlawed. I'd be prepared to let that through the filter. They'd have to keep squeaky clean though - one transgression and they're filtered.

2
0
Silver badge

I don't feel guilty about blocking

I never, ever buy anything directly from an online ad. When I'm in the market for something, I google and research pricing, availability, etc, and only then do I visit commercial sites that sell what I want. So by blocking ads I'm actually saving the advertiser displaying useless impressions, so they can be used for someone who might actually buy something from it.

Sites that detect my use of an adblocker and prevent me from viewing them go straight onto a blacklist, both at home and at work, and guarantee that I will never do business with the companies/persons behind such sites.

1
0

What really irritates me ...

... is stupid sites that display stupid messages that say "This site needs javascript".

Oh no it does *NOT*.

OK, you may have employed some incompetent web designers who don't know how to code pages without using javascript. You might even have one or two tiny "features" that you think (very wrongly I suspect) look fractionally better with javascript. But they'll be those nasty irritations like marquees and constantly changing images which add nothing but clutter and "nauseosity" to your site.

If you haven't been able to duplicate the core functionality of a site without using javascript, then there's only one word to describe you and your web designers, and that's *incompetent*.

0
0
This topic is closed for new posts.