Risk
9/18/2009
10:32 PM
George V. Hulme
George V. Hulme
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Microsoft Steps Up To Squash Malicious Advertising Threat

While the move by Microsoft to file five civil lawsuits to help fight malicious online advertisers, the winning bet is probably not going to be on this having a big impact on malicious advertising any time soon. There's just too much money being made.

While the move by Microsoft to file five civil lawsuits to help fight malicious online advertisers, the winning bet is probably not going to be on this having a big impact on malicious advertising any time soon. There's just too much money being made.From Thomas Claburn's report Microsoft Files Five Lawsuits To Halt Malicious Advertising:

Microsoft (NSDQ: MSFT) on Tuesday filed five civil lawsuits in Seattle's King County Superior Court to combat malicious online advertising, or malvertising.

The lawsuits allege that an unknown number of individuals using various business names distributed malicious software through Microsoft AdManager, the company's online advertising platform.

"These ads then lead to harmful or deceptive content," said Microsoft associate general counsel Tim Cranton, in a blog post. "For example, ads may redirect users to a Web site that advertises rogue security software, also known as scareware, that falsely claims to detect or prevent threats on the computer."

This isn't the first time Microsoft has gone after organizations for allegedly spewing scourge. In fact, in December 2003 Microsoft sued a number of organizations for violations of consumer protection laws in New York and Washington. The spammers were accused of using forged sender names, false subject lines, fake server names, inaccurate and misrepresented sender addresses, or obscured transmission paths.

All of that is still happening today, and probably in much larger numbers than in 2003. Spam has continued to grow because it's profitable. Hard as it is to believe, people, somewhere, are responding to it and they're buying stuff. If they didn't, spam would stop.

And malicious ads that sell so-called scareware is big money. In our post, XP Security 'Scareware' Scams Skyrocketing, from a year ago, we noted that hundreds of thousands of copies of scareware were being sold within days.

More recently, anti-virus maker Panda Security researchers Luis Corrons and Sean-Paul Correll published a study, The Business of Rogueware [.pdf], that estimated online fraudsters are hauling about 34 million a month through such scareware attacks.

So while it's welcomed news, and will no doubt create a level of hassle for some purveyors of malicous advertising and scareware, these cretins will do what they always do -- and that's move their operations out of the reach of US and Western international laws.

Still, this legal move is good news. It makes it clear that these types of scams won't be tolerated, and lawsuits and hopefully prosecutions will be filed whenever possible. And, just like the battle against spam, more people will probably employ technology to help. In this case, the use of ad-blocking software.

Which brings us to one of Microsoft's likely motivations behind this action: a bigger part of their business going forward will rely on online advertising -- and Web users blocking and ignoring advertisements, because they fear scams or malware, just won't be good for business.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0607
Published: 2014-07-24
Unrestricted file upload vulnerability in Attachmate Verastream Process Designer (VPD) before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file.

CVE-2014-1419
Published: 2014-07-24
Race condition in the power policy functions in policy-funcs in acpi-support before 0.142 allows local users to gain privileges via unspecified vectors.

CVE-2014-2360
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules allow remote attackers to execute arbitrary code via packets that report a high battery voltage.

CVE-2014-2361
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules, when BreeZ is used, do not require authentication for reading the site security key, which allows physically proximate attackers to spoof communication by obtaining this key after use of direct hardware access or manual-setup mode.

CVE-2014-2362
Published: 2014-07-24
OleumTech WIO DH2 Wireless Gateway and Sensor Wireless I/O Modules rely exclusively on a time value for entropy in key generation, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by predicting the time of project creation.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.