Yep, looks like the same sleazebags. Any idea what the ad networks are doing about this problem?
Richard > I reported on something similar at Ynetnews (see > http://blogs.pcmag.com/securitywatch/2007/11/and_suddenly_some_strange_site.php) > about a week ago. I wonder if it's the same ad network. > > The Ynet attacks persist. They knew about it probably at least 10 days ago > and I saw it again yesterday, this time in Firefox. > > Larry Seltzer > eWEEK.com Security Center Editor > http://security.eweek.com/ > http://blogs.pcmag.com/securitywatch/ > Contributing Editor, PC Magazine > [EMAIL PROTECTED] > > -------------------------------------------------------------------------------- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On > Behalf Of [EMAIL PROTECTED] > Sent: Saturday, November 10, 2007 6:38 PM > To: [email protected] > Subject: *SPAM* [funsec] More info on malware-scan.com ads on newspaper > Web sites > > > Holy sh**. > > Richard > > > http://www.azstarnet.com/business/209714 > > Maliciously coded online ad caused Star's Web site problems > > By Jack Gillum > > ARIZONA DAILY STAR > > Tucson, Arizona | Published: 11.03.2007 > > advertisement > > > > A maliciously coded online advertisement was responsible for causing > problems for Tucson Newspapers' Web sites this week, the company said > Friday. > > > > The ads, which the company said were purchased with a fraudulent > credit-card number, directed some Web visitors to sites that could have > installed harmful software, or "malware." > > > > The problem was reported Wednesday by the Pima County Department of > Environmental Quality, which advised its employees not to visit the > Arizona Daily Star Web site over computer-safety concerns. When their > employees visited the Star's site, anti-virus software alerted them of > trouble. > > > > The fraudulent ad purchase was discovered Wednesday and the ad was removed > Thursday, said Susan Hardin, director of online for Tucson Newspapers, > which is jointly owned by the Arizona Daily Star and Tucson Citizen > newspapers. > > > > Hardin said the ads in question were bought by a company called ForceUp, > which could not be reached for comment because a phone number for the > company at an Idaho area code was disconnected, and an e-mail contact form > was inaccessible. > > > > Affected users were redirected to a different site and then presented with > fake virus-scanning software that was itself malicious software. > > > > Hardin recommends that users block access to malwarealarm.com, > newbieadguide.com, and malware-scan.com, and delete infected files from a > computer's PC and Windows registry. > > > > Tucson Newspapers previously said that some video advertisements may have > been the problem. But as of Friday, the company narrowed down the problem > to the suspect ads, which Hardin said were up in the morning hours for the > last 10 to 18 days. > > > > "This hasn't happened before, and our people reacted very quickly," said > Tucson Newspapers President and CEO Mike Jameson. "We'll just have to be > more vigilant in the future about these things." > > > > The ad, Tucson Newspapers said, circulated to other newspaper sites across > the country. > > > > â Contact reporter Jack Gillum at 573-4178 or at [EMAIL PROTECTED] > > > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
