Pushy scamware ads served by DoubleClick

Advertising network provided ads for rogue security product.

Online advertising system DoubleClick, part of an ongoing acquisition attempt by Google, has allowed a wave of extortion trojans to be pushed out via its ad network, appearing on numerous trusted websites for some time before being stopped earlier this week.

The scamware, a version the of WinFixer rogue security product which harasses victims into purchasing a system cleaner product with repeated warnings of serious issues with their computer, was part of a range of inappropriate advertising pushed into DoubleClick's ubiquitous output by German-based ad firm AdTraff.com, linked by researchers at Sunbelt to a notorious scamming organisation.

DoubleClick claims to have implemented a range of policies to prevent malware from infiltrating its ads, but scamware presents a legal minefield as it often avoids illicit infiltration of the system, instead relying on social engineering to coerce victims into parting with cash for unnecessary and unhelpful software.

A detailed investigation into the incident, including comment from several Sunbelt experts involved in tracking the scam and the scammers, is in eWeek here.

14 November 2007

Tags: advertising, scamware, sunbelt, winfixer. del.icio.us digg this