New York Times Malware Ads

new york times malwareThis weekend, I got one of those fake “virus clean” popups after clicking a link to a New York Times article from Memeorandum.   Apparently, I wasn’t alone as there are a dozen or more posts about it today at Techmeme.

The NYT itself has this Note to Readers:

Some readers have seen a pop-up box warning them about a virus and directing them to a site that claims to offer antivirus software. We believe this was generated by an unauthorized advertisement and are working to prevent the problem from recurring. If you see such a warning, we suggest that you not click on it. Instead, quit and restart your Web browser.

That’s in fact what I did. But it’s very annoying since it either means losing all of the other pages you’re currently browsing or risking the malware popping back up when your browser tries to helpfully reload the unexpectedly closed pages.

Troy at Inputs & Outputs has some very technical details.  And Riva Richmond, writing for the NYT Gadgetwise blog, offers these helpful tips:

If you are a Windows user and saw a suspicious antivirus warning on your screen, it is possible that the ad’s creators infected your computer with a malicious program, even if you avoided all contact with it. “Click or not, the user could still get infected,” said Neil Daswani, a founder of Dasient, a security firm that specializes in Web site security issues.

Some similar antivirus scams have been known to use security vulnerabilities in Web browsers to automatically install malicious software in what are known as drive-by downloads, Mr. Daswani said. As a precaution, those who encountered a pop-up warning should run a scan using their favorite (legitimate) antivirus software.

If you don’t have such software installed, it’s time to get some. The big brand names in the field include Symantec, McAfee and Trend Micro, although it is not known whether their programs are able to detect any infections that might be caused by these latest ads. One analysis of the problematic ads indicated that an antivirus program called Avast, which has a free 60-day trial available, was able to spot them before they caused trouble. Another good free tool for Windows users is Microsoft’s Malicious Software Removal Tool, which checks for the most common malicious programs on the Internet.

Peter Kafka at Media Memo:

You generally have to travel farther down the Internet publishing food chain to find this kind of bogus ad—go hunting for porn and/or illegal downloads, for instance, and you’ll find plenty of this stuff.

But Web advertising is still a wild and woolly place, and this type of thing still plagues high-end publishers too. Sometimes it’s the fault of ad networks the publishers use to move their unsold inventory; sometimes the bogus ads are bought directly from the publishers themselves.

Indeed, I’ve accidentally inflicted these type of malware pop-ups on my own sites, as several ad networks that run third-party advertisements — Google is the most noteworthy — do too little to prevent it from happening.

FILED UNDER: General, , , , , , , , , ,
James Joyner
About James Joyner
James Joyner is Professor and Department Head of Security Studies at Marine Corps University's Command and Staff College and a nonresident senior fellow at the Scowcroft Center for Strategy and Security at the Atlantic Council. He's a former Army officer and Desert Storm vet. Views expressed here are his own. Follow James on Twitter @DrJJoyner.


  1. DC Loser says:

    Hmmmm…I got that malware ad yesterday, but it wasn’t from NYT. It happended while I was reading emails on my Yahoo webmail site. Well, it’s good to know I wasn’t the only one. It did bother me the whole day since I’m usually very careful about these things.

  2. sam says:

    I got one the other day that said:

    James Joyner is attempting to control your mind
    Click to continue

    My finger hovered over the mouse button for a long time…

  3. I wonder why this isn’t a problem for me?

    Oh yeah, I remember why: I use a Mac.

  4. One analysis of the problematic ads indicated that an antivirus program called Avast, which has a free 60-day trial available, was able to spot them before they caused trouble.

    There is a free version of Avast. I’ve been using it for over 5 years, after getting fed up with McAfee and Symantic (Norton). It requires re-registration every 14 months. Most of my friends and family are now using it based on my experience. I was off-line this weekend, so didn’t get any bad pop-ups.

  5. Triumph says:

    New York Times Malware Ads

    Not surprising–the entire liberal rag New York Times is malware-not only the ads.

  6. Mr. Prosser says:

    Avast! is a good defense but be prepared to lose time in booting and browsing while it scans and updates. To me it’s worth the wait.

  7. DC Loser says:

    I’ve used AVG and Avast in the past with pretty good results. Now I’m using a corporate edition of Norton (free from my employer) that is a pretty big resource hog. I may just ditch that and go back to using the free AV and adware programs for my Windoze machines. My Mac, OTOH, doesn’t (so far) need any of these things.

  8. sam says:

    My Mac, OTOH, doesn’t (so far) need any of these things.

    Neither does my Suse box (so far), but I still run AVG and f-prot on it every day via a cron. But then I’m paranoid about security. I can’t walk by my wife’s Windoze machine with feeling a tightening in my nether regions.

  9. sam says:

    uh, without said feeling.

  10. Matt says:

    Avast and AVG are pretty sweet (trendmicro makes a good anti virus program for free too). I personally use the free Avast and the free trendmicro online scanner. I combo those with Spybot search and destroy and Adaware 😛 Sometimes one program will catch something the others missed.