New York Times Malware Ads
This weekend, I got one of those fake “virus clean” popups after clicking a link to a New York Times article from Memeorandum. Apparently, I wasn’t alone as there are a dozen or more posts about it today at Techmeme.
The NYT itself has this Note to Readers:
Some NYTimes.com readers have seen a pop-up box warning them about a virus and directing them to a site that claims to offer antivirus software. We believe this was generated by an unauthorized advertisement and are working to prevent the problem from recurring. If you see such a warning, we suggest that you not click on it. Instead, quit and restart your Web browser.
That’s in fact what I did. But it’s very annoying since it either means losing all of the other pages you’re currently browsing or risking the malware popping back up when your browser tries to helpfully reload the unexpectedly closed pages.
If you are a Windows user and saw a suspicious antivirus warning on your screen, it is possible that the ad’s creators infected your computer with a malicious program, even if you avoided all contact with it. “Click or not, the user could still get infected,” said Neil Daswani, a founder of Dasient, a security firm that specializes in Web site security issues.
Some similar antivirus scams have been known to use security vulnerabilities in Web browsers to automatically install malicious software in what are known as drive-by downloads, Mr. Daswani said. As a precaution, those who encountered a pop-up warning should run a scan using their favorite (legitimate) antivirus software.
If you don’t have such software installed, it’s time to get some. The big brand names in the field include Symantec, McAfee and Trend Micro, although it is not known whether their programs are able to detect any infections that might be caused by these latest ads. One analysis of the problematic ads indicated that an antivirus program called Avast, which has a free 60-day trial available, was able to spot them before they caused trouble. Another good free tool for Windows users is Microsoft’s Malicious Software Removal Tool, which checks for the most common malicious programs on the Internet.
Peter Kafka at Media Memo:
You generally have to travel farther down the Internet publishing food chain to find this kind of bogus ad—go hunting for porn and/or illegal downloads, for instance, and you’ll find plenty of this stuff.
But Web advertising is still a wild and woolly place, and this type of thing still plagues high-end publishers too. Sometimes it’s the fault of ad networks the publishers use to move their unsold inventory; sometimes the bogus ads are bought directly from the publishers themselves.
Indeed, I’ve accidentally inflicted these type of malware pop-ups on my own sites, as several ad networks that run third-party advertisements — Google is the most noteworthy — do too little to prevent it from happening.