Pushy scamware ads served by DoubleClick

Advertising network provided ads for rogue security product.

Online advertising system DoubleClick, part of an ongoing acquisition attempt by Google, has allowed a wave of extortion trojans to be pushed out via its ad network, appearing on numerous trusted websites for some time before being stopped earlier this week.

VB100

The scamware, a version the of WinFixer rogue security product which harasses victims into purchasing a system cleaner product with repeated warnings of serious issues with their computer, was part of a range of inappropriate advertising pushed into DoubleClick's ubiquitous output by German-based ad firm AdTraff.com, linked by researchers at Sunbelt to a notorious scamming organisation.

DoubleClick claims to have implemented a range of policies to prevent malware from infiltrating its ads, but scamware presents a legal minefield as it often avoids illicit infiltration of the system, instead relying on social engineering to coerce victims into parting with cash for unnecessary and unhelpful software.

A detailed investigation into the incident, including comment from several Sunbelt experts involved in tracking the scam and the scammers, is in eWeek here.

14 November 2007

Tags: advertising, scamware, sunbelt, winfixer.    del.icio.us  digg this! digg this


Poll

Are you still running IE 6?
Yes, on my machine at work
Yes, on my home machine
Yes, on both work and home machines
No, I use a newer version of IE
No, I use a different browser

Leave a comment

Jobs Career Sidebar

Virus Bulletin

In this month's magazine:
  • Social networking meets social engineering
  • Flying solo
  • Geneva convention
  • 7th German Anti Spam Summit 2009
  • Anti-phishing landing page: turning a 404 into a teachable moment
  • An update on spamming botnets: are we losing the war?
  • Windows Server 2008 Standard Edition SP2 x86
Virus Bulletin 10 2009
Subscribe now!
Virus Bulletin currently has 187,817 registered users.