Google has become the latest vector for ad-based malware distribution after its DoubleClick advertising arm became a delivery mechanism.
As reported over on The Register
The affected adverts - which were also distributed by the Yahoo-owned Right Media as well as FastClick - caused the Win32/Alureon Trojan to be installed onto machines which had not yet had the required patches installed. During the three days in which they were available, web filtering specialist ScanSafe claims that the adverts accounted for 11 percent of all pages blocked by their service.
Indeed, the list of affected sites - while small - is a veritable Who's Who
of the Internet: conservative news site DrudgeReport, popular psuedo-predictive site Horoscope.com, Slacker.com, and Lyrics.com.
These is far from the first time an advertising service has been thought responsible for seemingly trustworthy sites offering up malware: the New York Times, possibly one of the most popular destinations for web surfers in the US, has suffered from a similar problem
, and automated SQL injection attacks have lead to numerous popular sites
Perhaps most interesting about this particular incident is Google's response regarding the attack: while a spokesman did confirm that a security monitoring system designed to pull malicious and damaging adverts such as these was in place, the company put the onus on the sites themselves claiming that "publishers are in control of what content they are service and are therefore ultimately responsible for determining what advertising appears on their site,
" seemingly accusing the companies of not performing due diligence before "[approving] the content that goes on to the site before it is introduced into DoubleClick's servers.
Do you believe that Google has a point and that it's up to individual websites to vet the adverts that will appear, or is the entire point of using a supposedly trusted advertising broker that you should be protected from this sort of attack? Share your thoughts over in the forums