Advertising network provided ads for rogue security product.
Online advertising system
DoubleClick
, part of an ongoing acquisition attempt by
Google
, has allowed a wave of extortion trojans to be pushed out via its ad network, appearing on numerous trusted websites for some time before being stopped earlier this week.
The scamware, a version the of
WinFixer
rogue security product which harasses victims into purchasing a system cleaner product with repeated warnings of serious issues with their computer, was part of a range of inappropriate advertising pushed into
DoubleClick
‘s ubiquitous output by German-based ad firm
AdTraff.com
, linked by researchers at
Sunbelt
to a notorious scamming organisation.
DoubleClick
claims to have implemented a range of policies to prevent malware from infiltrating its ads, but scamware presents a legal minefield as it often avoids illicit infiltration of the system, instead relying on social engineering to coerce victims into parting with cash for unnecessary and unhelpful software.
A detailed investigation into the incident, including comment from several
Sunbelt
experts involved in tracking the scam and the scammers, is in
eWeek
here
.
Posted on 14 November 2007 by
Virus Bulletin
Leave a Reply