Are Web Advertisements Infecting Your Computer?

  • Comments: 24
  • Written on: May 19th, 2010

ZDNet is reporting today that new research released by Dasient shows that as many as 1.3 million malicious ads are displayed to web surfers daily.  The bad ads break down into two categories – 59% percent of them are drive-by downloads and 41% were fake-alert security software scams.

This new method of infecting PCs is called malvertising, and it is on the increase.  Malicious attackers trick an ad network into running an ad that contains viruses or malware.  The ad is then displayed on legitimate websites like Fox News, CNN, and others.  Visitors get infected and if there is any blowback, it gets thrown at the website because most surfers don’t understand that its was the advertisement that nipped them

The research also indicated:

  • The chances of getting infected from a malvertisement is 2x more likely on a weekend, and infected ads go undetected for up to 8 days on average
  • 97% of Fortune 500 web sites are at a high risk of getting infected with malware through third party software providers like Java or Flash
  • 69% of Fortune 500 companies use external Javascript and 64% of them are running outdated web applications

How Do The Bad Guys Trick Fortune 500 Companies?

The bad guys are posing as a legitimate company and tricking the advertising departments of legitimate media outlets to run the malvertisements.  That is why they run the ads on the weekend when no one at the big companies is paying attention.  For example, in September of 2009 the New Your Times got duped:

The creator of the malicious ads posed as Vonage, the Internet telephone company, and persuaded NYTimes.com to run ads that initially appeared as real ads for Vonage. At some point, possibly late Friday, the campaign switched to displaying the virus warnings. Because The Times thought the campaign came straight from Vonage, which has advertised on the site before, it allowed the advertiser to use an outside vendor that it had not vetted to actually deliver the ads, Ms. McNulty said. That allowed the switch to take place.

It Won’t Happen to Me, Right?  WRONG

If you plan on keeping safe by avoiding weekend surfing, don’t get too comfortable.

In another report recently released by Google’s Security Team, they stated that the fake-alert malware infections are now making up 50 percent of all malware delivered via ads.

In this month’s issue, Consumer Reports ranked security software.  The ONLY product that was able to protect your PC against malvertisements (malware infections) was Symantec’s Norton Internet Security and Norton 360 software.

NONE of the free security products protect your computer and MOST of the paid ones (including McAfee, Webroot, and Computer Associates) don’t get the job done either.  Overall, Symantec was ranked above all others.

What are you doing to keep your computer safe?  Have you been stung by one of these ads?

  1. Net Age | Web Development said on May 23rd, 2010 at 5:02 am

    All these creeps getting up to no good and actually just plain scewing people over in the internet world really annoys me. It would be nice to have a virtual courtroom where we can try them for their crimes and destroy their internet assets if they wer found guilty. You can not negotiate with pirates…..

  2. payday uk said on May 24th, 2010 at 9:06 pm

    Totally agree with Net age.. its high time.. we need companies and people to be accountable for what they do..It makes me sad that there is nothing we can do against them.

  3. Laptop Attache said on May 25th, 2010 at 1:01 pm

    Yes it is unfortunate that people and companies get away with this by doing their crimes from foreign countries. Those countries need to stop protecting their criminals and give them the punishment they deserve. I do have to give them a bit of credit for being smart enough to pull some of these scams over the weekend when they know the ads would take longer to get pulled.

  4. Wealth Education said on May 27th, 2010 at 8:23 am

    I like the new term MALVERTISEMENT and they’re really annoying.

  5. business it solutions said on June 2nd, 2010 at 2:15 am

    Some blogs aren’t, some blogs are. It’s just a publishing platform, Helm. There’s no reason it can’t be used for journalism, and it has been, many times.

  6. Tasarım said on June 3rd, 2010 at 12:25 pm

    I always hated web advertisements with massive amounts of malware 🙁

  7. Depresyon said on June 3rd, 2010 at 3:04 pm

    Wow Thor… I didn’t know Google collected that much of an information. I’m seriously considering to migrate now also :/

  8. Depresyon said on June 3rd, 2010 at 3:29 pm

    Oops wrong article! Anyway. I recall getting reported a lot of advertisements with malware in the past few months :/ Especially some of them included some of adobe flash player’s bugs to inject keyloggers to client’s computers…

  9. Laptop Attache said on June 4th, 2010 at 1:15 pm

    I wonder how many companies have to be targeted like this before someone cracks down on this illegal abuse. There needs to be some kind of worldwide internet authority who can make the web a safer place for everyone. They need the power to prosecute people no matter what country they are basing their scams out of.

  10. Moorpark Real Estate said on June 5th, 2010 at 1:43 pm

    Yeah they are very irritating when they pop up with every new window open. I hate all. Most of the time they are having with dangerous malware and spyware. I ignored such add’s always.

  11. Wedding Planning Checklist said on June 7th, 2010 at 1:01 pm

    I don’t know how much of it is tricking as to how much of it is just greed on the advertisers parts. I don’t think they monitor things as well. As long as they are paying for the ads, don’t think it really matters to them.

  12. cheap college textbooks said on June 9th, 2010 at 12:20 pm

    I have yet to get scammed on this yet but I rarely click on adds anyway. It is getting harder and harder to find trustworthy places on the web.

  13. Roy Wilkerson said on June 10th, 2010 at 6:24 am

    Those countries need to stop protecting their criminals and give them the punishment they deserve.There needs to be some kind of worldwide internet authority who can make the web a safer place for everyone

  14. Laptop Attache said on June 10th, 2010 at 3:52 pm

    Good point Wedding Planning. Ad companies could easily avoid such situations with stricter policies. When someone is waving money in their face, some companies don’t use the best judgment. Sometimes all it takes is one sales rep who is aggressively going after commission.

  15. payday uk said on June 14th, 2010 at 11:46 am

    Right.. its really difficult to escape such sites.. more so when you say they can be some popular ones.. I guess its a handwork of some antivirus companies which just want to make their use compulsory..

  16. taoist meditation said on June 16th, 2010 at 5:14 am

    Hi this title is looking more impressive and attractive but i note believe this title because no any site advertisement is will be effective all is nice sharing.

  17. Ev Yemekleri said on June 16th, 2010 at 9:42 pm

    I have Spyware Doctor installed on my computer, but i am really clear on the stuff it finds. I never take time to search on the alerts at the end of the scans, but i am sure some of those are just fake.

  18. seks shop said on June 19th, 2010 at 4:19 am

    I like the new term MALVERTISEMENT and they’re really annoying.

  19. fx15 said on June 20th, 2010 at 2:11 pm

    ZDNet is reporting today that new research released by Dasient shows that as many as 1.3 million malicious ads are displayed to web surfers daily. The bad ads break down into two categories – 59% percent of them are drive-by downloads and 41% were fake-alert security software scams.
    This new method of infecting PCs is called malvertising, and it is on the increase. Malicious attackers trick an ad network into running an ad that contains viruses or malware. The ad is then displayed on legitimate websites like Fox News, CNN, and others. Visitors get infected and if there is any blowback, it gets thrown at the website because most surfers don’t understand that its was the advertisement that nipped them

  20. Moorpark Real Estate said on June 23rd, 2010 at 12:08 pm

    Yeah definitely! I do have to give them a bit of credit for being smart enough to pull some of these scams over the weekend when they know the ads would take longer to get pulled. Awaiting for your next post.

  21. Moorpark Real Estate said on June 24th, 2010 at 4:22 am

    Yeah really, i got irritated when an advertisement pop up when i doing some important work and they all carried massive amounts of Malware too.

  22. Tasarım said on July 1st, 2010 at 7:17 am

    Now that you mention it, I see a lot of adverts with keyloggers embedded in them. That is so screwed up 🙁

  23. Email Marketing Resources said on July 3rd, 2010 at 5:10 pm

    That was a real blunder by the Times – they did not research their client’s nor the sources. I bet you they lost readership due to that mix up. Too bad.

    What does that teach you about external ads?

    – Do some Due Diligence before you embed.

  24. eWay Web Designs said on August 25th, 2010 at 10:09 am

    We see one or two every now and again. The best bit of advice I always give to clients is to think twice before clicking anything, and to avoid Internet Explorer as possible.

    I have nothing against MS, bus as the most popular browser, it receives the most attacks. I also generally point out that Word documents, PDF files and similar can carry some viruses.

What do you think? Join the discussion...

How do I change my avatar?

Go to gravatar.com and upload your preferred avatar.

Subscribe to My RSS Feed

Subscribe Form Click to Subscribe or

      TwitterCounter for @thorschrock

Ed Wunder Loves Schrock's Service

Top Commentators

Schrock Innovations' New Ride

Revolution Wraps Rocks!

Geek Squad Hires Anyone!

Other Recent Videos


We're on the Morning Blend answering your Lincoln Nebraska computer repair questions regarding warranties


Need your computer repaired in Omaha? If you're never visited Schrock Innovations before (1st time client), stop by for a FREE hour of repair

Our Open Adoption

    Kim and I are seeking to adopt another child through Open Adoption. If you know of a birth mother seeking a stable, loving family in Nebraska, please direct her to our website at nebraskaopenadoption.com.

Thor's Sponsors

    Computer Repair Lincoln NE
© Thor Schrock 2009