Google used to distribute malware

Author: Gareth Halfacree
Published: 29th September 2009
Comments (10) Stumble
Google used to distribute malware

The popular conservative site DrudgeReport found itself offering malware to its users via Google's DoubleClick service.

Google has become the latest vector for ad-based malware distribution after its DoubleClick advertising arm became a delivery mechanism.

As reported over on The Register, Google's advertising arm started offering adverts which lead to malware sites attempting to take advantage of holes in Microsoft's DirectShow and the JavaScript engine in Adobe's Acrobat Reader.

The affected adverts - which were also distributed by the Yahoo-owned Right Media as well as FastClick - caused the Win32/Alureon Trojan to be installed onto machines which had not yet had the required patches installed. During the three days in which they were available, web filtering specialist ScanSafe claims that the adverts accounted for 11 percent of all pages blocked by their service.

Indeed, the list of affected sites - while small - is a veritable Who's Who of the Internet: conservative news site DrudgeReport, popular psuedo-predictive site Horoscope.com, Slacker.com, and Lyrics.com.

These is far from the first time an advertising service has been thought responsible for seemingly trustworthy sites offering up malware: the New York Times, possibly one of the most popular destinations for web surfers in the US, has suffered from a similar problem, and automated SQL injection attacks have lead to numerous popular sites being infected.

Perhaps most interesting about this particular incident is Google's response regarding the attack: while a spokesman did confirm that a security monitoring system designed to pull malicious and damaging adverts such as these was in place, the company put the onus on the sites themselves claiming that "publishers are in control of what content they are service and are therefore ultimately responsible for determining what advertising appears on their site," seemingly accusing the companies of not performing due diligence before "[approving] the content that goes on to the site before it is introduced into DoubleClick's servers."

Do you believe that Google has a point and that it's up to individual websites to vet the adverts that will appear, or is the entire point of using a supposedly trusted advertising broker that you should be protected from this sort of attack? Share your thoughts over in the forums.
Quote l3v1ck 29th September 2009, 10:18
Quote:
Do you believe that Google has a point and that it's up to individual websites to vet the adverts that will appear, or is the entire point of using a supposedly trusted advertising broker that you should be protected from this sort of attack?
The later. If I ran a website that used adverts, I'd expect the company providing the adverts (ie Google) to vet them first. That's what they're being paid to do.
Quote perplekks45 29th September 2009, 10:37
Exactly my thoughts. If you have a company supplying you with ads, you have to be sure that they check them before.
Quote Mentai 29th September 2009, 10:51
What a crap statement from Google, the onus is entirely on them as far as I'm concerned.
Quote pizan 29th September 2009, 13:34
Still though how long ago were the patches for these released?
Quote ssjaj 29th September 2009, 17:57
Considering Google has millions of advertisements, expecting them to sift through every single one of them is ludicrous. I would like to think they have a system in place to sniff the sites as they would for the search engine, but a cleverly coded site could very well avoid detection. Especially when the site is designed to be stealthy with its delivery.

Personally for all the good Google has done, they are certainly merited a few slips. Things like this are what increase security and scrutiny of policies.
Quote thehippoz 29th September 2009, 18:34
http://www.wmexperts.com/articleimages/2007/abc/balmer_developers.jpg

google is a house of cards! :p
Quote Shagbag 29th September 2009, 19:30
Quote:
Originally Posted by pizan
Still though how long ago were the patches for these released?
Exactly. The www is a hostile place and the onus is on everyone to make sure it's as safe as it possibly can be.
Quote crazyceo 29th September 2009, 21:22
Ladies and Gentlemen of the Jury.........................I rest my Case!
Quote B3CK 30th September 2009, 01:18
As to google's response, I would have to read their agreement for the use of their ads service.

To blame, however, would be the end user for not keeping their own systems up to date.
Quote xprodancer 30th September 2009, 01:23
to be frank with everyone! its google and whatever company that is using the add's fault they should both be scanning the add's not just using them on there website!
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.







Mobile Phones

LG Arena ReviewHTC Magic Review

Compare over 250 mobile phones &
52,000 deals!



Broadband

Mobile Broadband

Compare over 100 broadband & mobile broadband deals online!

Dragonage