In an effort to protect Windows users, Microsoft is suing unidentified scammers for distributing malware through online ads.

Thomas Claburn, Editor at Large, Enterprise Mobility

September 17, 2009

3 Min Read

Microsoft on Tuesday filed five civil lawsuits in Seattle's King County Superior Court to combat malicious online advertising, or malvertising.

The lawsuits allege that an unknown number of individuals using various business names distributed malicious software through Microsoft AdManager, the company's online advertising platform.

"These ads then lead to harmful or deceptive content," said Microsoft associate general counsel Tim Cranton, in a blog post. "For example, ads may redirect users to a Web site that advertises rogue security software, also known as scareware, that falsely claims to detect or prevent threats on the computer."

Cranton says that malicious ads can also infect vulnerable computers with Trojan software, which can steal data, hinder operation, or turn computers into zombies, or bots.

Click Forensics, a company that tracks click fraud, on Thursday said that it had discovered a 200,000 computer botnet -- a group of compromised computers harnessed to work in unison -- linked to the Microsoft lawsuits. In a blog post, Steve O'Brien, VP of sales and marketing at Click Forensics called it "one of the most advanced sources of click fraud we've seen."

The botnet, known as the "Bahama botnet" because it at one time directed online traffic through computers in the Bahamas, is believed to be linked to the malicious advertising that appeared on the New York Times Web site several days ago, according to O'Brien.

Although O'Brien suggests that the cyber crime group believed to be responsible is located in Ukraine, Richard Boscovich, senior attorney at Microsoft for Internet safety enforcement, said in a phone interview that it's not clear where the people responsible are located.

In early 2008, Niels Provos, a security engineer at Google, said in a blog post that about 2% of malicious Web sites were distributing malware through advertising, based on an analysis of about 2,000 known advertising networks.

In June, Google launched Anti-Malvertising.com to help its ad network partners identify potential providers of malicious advertisements.

Microsoft last October cited Adobe Flash files as a growing medium for malware distribution.

The trend was also noted by Finjan, a security company. "We have started to see 'in the wild' cases where Flash-based ads are being used by cybercriminals," Finjan's Q4 2008 Web Security Trends Report states. "Due to the simplicity of these techniques, we believe it will evolve into a major trend in 2009."

Boscovich said that malvertising "is definitely an emerging threat. We're seeing more of it."

Malveristing presents a problem to companies that depend on online advertising because its existence justifies the use of ad blocking software. Approximately 1% of Internet users worldwide -- 5% of Firefox users -- use ad blocking software. If that number grows in response to an increase in malvertising, online ad revenue is likely to suffer.

As Microsoft's Cranton put it, "This work is vitally important because online advertising helps keep the Internet up and running. It's the fuel that drives search technologies. It pays for free online services like Windows Live, Facebook, Yahoo and MSN. Fraud and malicious abuse of online ad platforms are therefore a serious threat to the industry and for all consumers and businesses that rely on these free services."

Boscovich advises users to keep their antivirus software up-to-date and to install operating system updates. "And don't provide any personal information to Web sites that you're not sure of," he said.


InformationWeek Analytics has published an independent analysis on data-loss prevention. Download the report here (registration required).

Read more about:

2009

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights