Monday, September 14, 2009

All the news malware that's fit to print

Seems that the New York Times was the victim of some Black Hats over the weekend, who broke into their web server and served up malware:

The New York Times was co-opted into pushing fake anti-virus malvertisements after hackers broke into its banner ad feed over the weekend.

Surfers visiting the site were confronted by malicious pop-up window that falsely warned that their systems were infected. The ruse was designed to scare people into buying a clean-up utility of little or no value.

The NYT issued a warning (extract below) on the front page of the website and via its Twitter feed on Sunday. The paper explained that the pop-ups were the result of an "unauthorised advertisement".

The Times is precisely the sort of taarget that is high-value to the Bad Guys. Lots of hits, and readers assume that everything is legit, so people are not on their guard.

7 comments:

Antonia - Beauty Health Finance and Green Issues Editor said...

Interesting. People should be on their guard at all times online. Unfortunately, there seems to be a lot of these going on. I suppose as the Internet gets ever popular, so will the sophistication and frequency of online attacks.

Anonymous said...

Any numpty who clicks on a banner ad, deserves what they get. If it sounds interesting, google it can get it from the company directly.

Jim

Borepatch said...

Editor, yes, people need to be on their guard. Especially since malware is sometimes embedded in ads via Doubleclick, the hosting web site may not even know.

reflectoscope, some malware is "clickless" - it automatically pops up.

Anonymous said...

Hmm. I guess that leaves the dilemma of how you get people to embrace a little IT security (i.e. an alternate browser at lease, and an alternate OS at best) when they can't be bothered?

Jim

Sevesteen said...

For an alternate browser--If you are the one fixing the computer, make Firefox easier for them to use than IE. Eliminate all shortcuts to IE except a single one several folders deep in the start menu. Import their bookmarks to Firefox, and put Firefoxshortcuts on the desktop, in the root of the start menu, on the quicklaunch bar, and maybe even in the Startup folder.

I also ask if I can set them up dual boot with Ubuntu, and set it as the default.

Anonymous said...

Sevesteen - That works great on an individual level, but how to you get that out to the masses... en masse?

Jim

Sevesteen said...

En Mass? I think Linux pre-installed at the low end will begin to take care of that before too long. Non-geeks will get a computer with Linux because it is cheap, and discover that it is lower maintenance, too. And that after 6 months of porn surfing, their Vista box has slowed to the point where their Eee PC is now faster.